CVE-2021-42076 log
Source |
|
Severity | Low |
Remote | Yes |
Type | Denial of service |
Description | A security issue has been found in Barrier before version 2.3.4. There is no check against overlong messages being sent by clients, so they can send up to 2^32 - 1 bytes, causing unauthenticated remote denial of service via excessive heap memory allocations. Multiple connections can be used to abuse this in parallel and cause even higher memory allocation, if necessary. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-2510 | barrier | 2.3.3-1 | 2.4.0-1 | Low | Fixed |
References |
---|
https://www.openwall.com/lists/oss-security/2021/11/02/4 https://github.com/debauchee/barrier/pull/1347 |