CVE-2021-44847
Published 2021-12-13
CVE-2021-44847: A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length…
Priority: P263 · critical · 9.8 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 3.95% (89.1th percentile)
A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libtoxcore | < libtoxcore 0.2.13-1 (bookworm) | libtoxcore 0.2.13-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| toktok | toxcore | 0.1.9 – 0.1.11 | — |
| toktok | toxcore | 0.2.0 – 0.2.12 | — |
Detection & IOCs (extracted from sources)
- Vulnerability exists in the handle_request function in DHT.c within toxcore; monitor for crashes or anomalous network packet handling in processes linked to toxcore versions 0.1.9–0.1.11 and 0.2.0–0.2.12
- The vulnerability is remotely exploitable via a crafted network packet; inspect DHT protocol traffic for malformed or oversized packets targeting toxcore nodes
- Debian 'bullseye' remains unpatched (open); systems running toxcore on bullseye are still vulnerable as of the advisory
- Fixed version is 0.2.13; Debian bookworm, forky, sid, and trixie are resolved at 0.2.13-1
CVSS provenance
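| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | 2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | — | 9.8 | CRITICAL | — |
| vendor_debian | — | 9.8 | CRITICAL | — |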
GHSA
GHSA-62pr-4hg6-fwph: A stack-based buffer overflow in handle_request function in DHT
ghsa_unreviewed·2021-12-14
CVE-2021-44847 [CRITICAL] CWE-787 GHSA-62pr-4hg6-fwph: A stack-based buffer overflow in handle_request function in DHT
OSV
CVE-2021-44847: A stack-based buffer overflow in handle_request function in DHT
osv·2021-12-13·CVSS 9.8
Debian
CVE-2021-44847: libtoxcore - A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1...
vendor_debian·2021·CVSS 9.8
Scope: local
bookworm: resolved (fixed in 0.2.13-1)
bullseye: open
forky: resolved (fixed in 0.2.13-1)
sid: resolved (fixed in 0.2.13-1)
trixie: resolved (fixed in 0.2.13-1)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
- https://github.com/TokTok/c-toxcore/pull/1718
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S7EBS3NIRYJ7V3PTNINP3PJSVUHGZTGA/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLTKINSPO5T65LB3ZASDPCREKUE22RYE/
Published: 2021-12-13