Severity |
|
Remote |
|
Type |
- |
Unknown |
+ |
Denial of service |
|
Description |
+ |
A security issue has been found in Barrier before version 2.3.4. When quickly opening and closing socket connections while sending a Hello message for each session then this will lead to a segmentation fault (probably use after free). This allows for a simple way to DoS the barrier server for an unauthenticated remote client. Further research of the supposed use after free might show more severe implications in the direction of executing code on the server. |
|
References |
+ |
https://www.openwall.com/lists/oss-security/2021/11/02/4 |
+ |
https://github.com/debauchee/barrier/pull/1351 |
|