CVE-2021-44847
Published: 13 December 2021
A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
libtoxcore
Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Needed
|
|
| hirsute |
Ignored
(end of life)
|
|
| impish |
Ignored
(end of life)
|
|
| jammy |
Released
(0.2.13-1)
|
|
| kinetic |
Released
(0.2.13-1)
|
|
| lunar |
Released
(0.2.13-1)
|
|
| mantic |
Released
(0.2.13-1)
|
|
| noble |
Released
(0.2.13-1)
|
|
| trusty |
Ignored
(end of standard support)
|
|
| upstream |
Released
(0.2.13-1)
|
|
| xenial |
Ignored
(end of standard support)
|
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 9.8 |
| Attack vector | Network |
| Attack complexity | Low |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |