---

CVE-2021-44847 - log back

CVE-2021-44847 edited at 15 Apr 2022 15:32:56
References	https://github.com/TokTok/c-toxcore/pull/1718 https://github.com/TokTok/c-toxcore/commit/0320e2eb8e2d680ecf07e3b8d4707e79e81cf63c + https://github.com/TokTok/c-toxcore/releases/tag/v0.2.13

CVE-2021-44847 edited at 13 Dec 2021 11:24:18
Severity	- Unknown + Medium
Remote	- Unknown + Remote
Type	- Unknown + Arbitrary code execution
Description	+ A stack-based buffer overflow in handle_request function in DHT.c in toxcore before version 0.2.13 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet.
References	+ https://github.com/TokTok/c-toxcore/pull/1718 + https://github.com/TokTok/c-toxcore/commit/0320e2eb8e2d680ecf07e3b8d4707e79e81cf63c
Notes

CVE-2021-44847 created at 13 Dec 2021 11:22:59