A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet.
References
Configurations
History
21 Nov 2024, 06:31
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/TokTok/c-toxcore/pull/1718 - Exploit, Issue Tracking, Patch, Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S7EBS3NIRYJ7V3PTNINP3PJSVUHGZTGA/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLTKINSPO5T65LB3ZASDPCREKUE22RYE/ - |
07 Nov 2023, 03:39
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
08 Aug 2023, 14:21
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-682 |
Information
Published : 2021-12-13 01:15
Updated : 2024-11-21 06:31
NVD link : CVE-2021-44847
Mitre link : CVE-2021-44847
CVE.ORG link : CVE-2021-44847
JSON object : View
Products Affected
toktok
- toxcore
fedoraproject
- fedora
CWE
CWE-682
Incorrect Calculation