cbcvebase.
CVE-2021-44847
published 2021-12-13


Priority: P263 | critical | 9.8 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
EPSS: 3.95% (89.1th percentile)
A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 through 0.1.11 and 0.2.0 through 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote attackers to crash the process or potentially execute arbitrary code via a network packet.

Affected

5 ranges
Vendor | Product | Version range | Fixed in
debian | libtoxcore | < libtoxcore 0.2.13-1 (bookworm) | libtoxcore 0.2.13-1 (bookworm)
fedoraproject | fedora | |
fedoraproject | fedora | |
toktok | toxcore | 0.1.9 – 0.1.11 |
toktok | toxcore | 0.2.0 – 0.2.12 |

Detection & IOCs (extracted from sources)

  • Vulnerability exists in the handle_request function in DHT.c within toxcore; monitor for crashes or anomalous network packet handling in processes linked to toxcore versions 0.1.9–0.1.11 and 0.2.0–0.2.12
  • The vulnerability is remotely exploitable via a crafted network packet; inspect DHT protocol traffic for malformed or oversized packets targeting toxcore nodes
  • Debian 'bullseye' remains unpatched (open); systems running toxcore on bullseye are still vulnerable as of the advisory
  • Fixed version is 0.2.13; Debian bookworm, forky, sid, and trixie are resolved at 0.2.13-1

CVSS provenance

nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P
osv | 9.8 | CRITICAL
vendor_debian | 9.8 | CRITICAL