CVE-2021-44847 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Arbitrary code execution |
| Description | A stack-based buffer overflow in handle_request function in DHT.c in toxcore before version 0.2.13 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-2627 | toxcore | 1:0.2.12-3 | 1:0.2.13-1 | Medium | Fixed |
| References |
|---|
https://github.com/TokTok/c-toxcore/pull/1718 https://github.com/TokTok/c-toxcore/commit/0320e2eb8e2d680ecf07e3b8d4707e79e81cf63c https://github.com/TokTok/c-toxcore/releases/tag/v0.2.13 |