CVE-2021-42076 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Low
Remote	Yes
Type	Denial of service
Description	A security issue has been found in Barrier before version 2.3.4. There is no check against overlong messages being sent by clients, so they can send up to 2^32 - 1 bytes, causing unauthenticated remote denial of service via excessive heap memory allocations. Multiple connections can be used to abuse this in parallel and cause even higher memory allocation, if necessary.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2510	barrier	2.3.3-1	2.4.0-1	Low	Fixed

References
https://www.openwall.com/lists/oss-security/2021/11/02/4 https://github.com/debauchee/barrier/pull/1347