CVE-2021-42074 - log back

CVE-2021-42074 edited at 02 Nov 2021 12:39:09
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ A security issue has been found in Barrier before version 2.3.4. When quickly opening and closing socket connections while sending a Hello message for each session then this will lead to a segmentation fault (probably use after free). This allows for a simple way to DoS the barrier server for an unauthenticated remote client. Further research of the supposed use after free might show more severe implications in the direction of executing code on the server.
References
+ https://www.openwall.com/lists/oss-security/2021/11/02/4
+ https://github.com/debauchee/barrier/pull/1351
CVE-2021-42074 created at 02 Nov 2021 12:28:17