CVE-2021-42076

Source
Severity: Low
Remote: Yes
Type: Denial of service
Description
A security issue has been found in Barrier before version 2.3.4. There is no check against overlong messages being sent by clients, so they can send up to 2^32 - 1 bytes, causing unauthenticated remote denial of service via excessive heap memory allocations. Multiple connections can be used to abuse this in parallel and cause even higher memory allocation, if necessary.
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-2510 | barrier | 2.3.3-1 | 2.4.0-1 | Low | Fixed | |
References
https://www.openwall.com/lists/oss-security/2021/11/02/4
https://github.com/debauchee/barrier/pull/1347
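
A sketch of the kind of length check the description says was missing, as an added example that is not Barrier's code or its actual fix. It assumes a 4-byte big-endian length prefix in front of each message; `FrameReader`, `rejects` and the `kMaxMessageLength` value are hypothetical.

```cpp
#include <cstdint>
#include <stdexcept>
#include <string>

// Hypothetical cap; a real service derives it from its largest legitimate message.
constexpr std::uint32_t kMaxMessageLength = 4 * 1024;

// Incremental reader for frames of the form [4-byte big-endian length][payload].
class FrameReader {
public:
    // Append bytes received from the peer; call next() after every read.
    void feed(const std::string& bytes) { m_buffer += bytes; }

    // Returns true and fills `out` when a complete payload is available,
    // false when more bytes are needed, and throws on an oversized length.
    bool next(std::string& out) {
        if (!m_haveLength) {
            if (m_buffer.size() < 4) return false;
            m_length = 0;
            for (int i = 0; i < 4; ++i)
                m_length = (m_length << 8) | static_cast<unsigned char>(m_buffer[i]);
            // Reject before buffering or allocating anything sized by the
            // peer-controlled length field (which can be up to 2^32 - 1).
            if (m_length > kMaxMessageLength)
                throw std::length_error("declared message length exceeds cap");
            m_buffer.erase(0, 4);
            m_haveLength = true;
        }
        if (m_buffer.size() < m_length) return false;
        out = m_buffer.substr(0, m_length);
        m_buffer.erase(0, m_length);
        m_haveLength = false;
        return true;
    }

private:
    std::string m_buffer;
    std::uint32_t m_length = 0;
    bool m_haveLength = false;
};

// True if a fresh reader refuses the given 4-byte header.
bool rejects(const std::string& header) {
    FrameReader r;
    std::string out;
    r.feed(header);
    try { r.next(out); } catch (const std::length_error&) { return true; }
    return false;
}
```

On rejection the caller should close the connection; a per-connection cap does not limit the aggregate across parallel connections, which needs a separate connection limit.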