CVE-2022-35922

{"id": "CVE-2022-35922", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-08-01T22:15:10.460", "references": [{"url": "https://github.com/websockets-rs/rust-websocket/commit/cbf6e9983e839d2ecad86de8cd1b3f20ed43390b", "tags": ["Patch", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/websockets-rs/rust-websocket/security/advisories/GHSA-qrjv-rf5q-qpxc", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4V2EOOU5OLEHVMKAH6BALQXKDKIZRXCI/", "source": "security-advisories@github.com"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYPNCM4H4OFBIZI6XMJ2DUTS54FT2TWP/", "source": "security-advisories@github.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-770"}]}, {"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "Rust-WebSocket is a WebSocket (RFC6455) library written in Rust. In versions prior to 0.26.5 untrusted websocket connections can cause an out-of-memory (OOM) process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allocate a buffer based on the declared dataframe size, which may come from an untrusted source. When `Vec::with_capacity` fails to allocate, the default Rust allocator will abort the current process, killing all threads. This affects only sync (non-Tokio) implementation. Async version also does not limit memory, but does not use `with_capacity`, so DoS can happen only when bytes for oversized dataframe or message actually got delivered by the attacker. The crashes are fixed in version 0.26.5 by imposing default dataframe size limits. Affected users are advised to update to this version. Users unable to upgrade are advised to filter websocket traffic externally or to only accept trusted traffic."}, {"lang": "es", "value": "Rust-WebSocket es una biblioteca WebSocket (RFC6455) escrita en Rust. En versiones anteriores a la 0.26.5, las conexiones de websocket que no son confiables pueden causar una interrupci\u00f3n del proceso por falta de memoria (OOM) en un cliente o un servidor. La causa del problema es durante el an\u00e1lisis de los marcos de datos. Las versiones afectadas asignan un b\u00fafer basado en el tama\u00f1o declarado del marco de datos, que puede provenir de una fuente no confiable. Cuando \"Vec::with_capacity\" falla en la asignaci\u00f3n, el asignador por defecto de Rust abortar\u00e1 el proceso actual, matando todos los hilos. Esto afecta s\u00f3lo a la implementaci\u00f3n sync (no-Tokio). La versi\u00f3n as\u00edncrona tampoco limita la memoria, pero no usa \"with_capacity\", por lo que el DoS puede ocurrir s\u00f3lo cuando los bytes para el marco de datos o el mensaje sobredimensionados son realmente entregados por el atacante. Los bloqueos son corregidos en versi\u00f3n 0.26.5, al imponer l\u00edmites de tama\u00f1o de dataframe por defecto. Es recomendado a usuarios afectados actualizar a esta versi\u00f3n. Es recomendado a usuarios que no puedan actualizar filtrar el tr\u00e1fico de websocket externamente o que s\u00f3lo acepten tr\u00e1fico confiable"}], "lastModified": "2023-11-07T03:49:26.813", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:rust-websocket_project:rust-websocket:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2ABBA7B4-72B4-4792-ACE3-012315F713DF", "versionEndExcluding": "0.26.5"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}