CVE-2018-1000224 — Incorrect Calculation of Buffer Size in Godot

CWE-131 — Incorrect Calculation of Buffer Size CWE-190 — Integer Overflow or Wraparound CWE-681 — Incorrect Conversion between Numeric Types CWE-908 — Use of Uninitialized Resource CWE-909 — Missing Initialization of Resource5 documents5 sources

Severity

7.5HIGHNVD

EPSS

13.2%

top 5.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Godotengine Godot

Timeline

PublishedAug 20

Latest updateMay 13

Description

Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0.6. contains a Signed/unsigned comparison, wrong buffer size chackes, integer overflow, missing padding initialization vulnerability in (De)Serialization functions (core/io/marshalls.cpp) that can result in DoS (packet of death), possible leak of uninitialized memory. This attack appear to be exploitable via A malformed packet is received over the network by a Godot application that uses built-in serialization (e.g. g…

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDgodotengine/godot3.0.0 — 3.0.6+1

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-rc36-5vc3-6jxx: Godot Engine version All versions prior to 2↗2022-05-13

▶

CVEList

CVE-2018-1000224: Godot Engine version All versions prior to 2↗2018-08-20

▶

📋Vendor Advisories

Debian

CVE-2018-1000224: godot - Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0....↗2018

▶

💬Community

Bugzilla

godot-3.0.6-stable is available (fixes CVE-2018-1000224)↗2018-07-09

▶