CVE-2021-44847 log

Source
Severity Medium
Remote Yes
Type Arbitrary code execution
Description
A stack-based buffer overflow in handle_request function in DHT.c in toxcore before version 0.2.13 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet.
Group Package Affected Fixed Severity Status Ticket
AVG-2627 toxcore 1:0.2.12-3 Medium Vulnerable
References
https://github.com/TokTok/c-toxcore/pull/1718
https://github.com/TokTok/c-toxcore/commit/0320e2eb8e2d680ecf07e3b8d4707e79e81cf63c