A new denial-of-service attack dubbed Loop DoS targets application layer protocols, enabling a self-perpetuating loop that generates massive traffic and can disrupt a target or its network. Researchers say the attack uses the User Datagram Protocol (UDP) and relies on IP spoofing, exploiting a vulnerability tracked as CVE-2024-2169.
It is estimated that 300,000 internet hosts are vulnerable to Loop DoS, with potential outcomes including overloaded services, network outages, or amplified DoS/DDoS effects through network loops. According to CERT Coordination Center, there are three potential outcomes when a vulnerability is leveraged, and CISPA researchers note the impact could span both outdated and modern protocols essential for time synchronization, DNS, and file transfer.
Vendors that have confirmed affected implementations include Broadcom, Cisco, Honeywell, Microsoft, and MikroTik; CERT/CC recommends applying latest vendor patches, tightening UDP services, and deploying anti-spoofing and QoS measures to mitigate the risk.