Vulnerability DatabaseWS-2023-0421
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
WS-2023-0421
November 28, 2024
In raklib from 14.x reliable-ordered queue size is unlimited, allowing a session to hog server memory. A client can send reliable-ordered packets 0, 2, 3, 4, 5 ... etc, and all the packets 2 and up will stay in the reliable-ordered queue until 1 arrives. A malicious client can exploit this to waste all available server memory by simply never sending the missing packet. Since the server doesn't make any effort to limit the size of the queue or detect this kind of abuse, this problem is easy to abuse. This is fixed in versions 0.14.6,0.15.1.
Related Resources (3)
https://github.com/pmmp/RakLib/commit/371190f5854372154d1b263cd2a10e658e92bebe
https://github.com/pmmp/RakLib/security/advisories/GHSA-w98g-5fmx-wm4x
https://github.com/pmmp/RakLib
Do you need more information?
Contact Us
CVSS v4
Base Score:
6.9
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
NONE
Vulnerable System Confidentiality
NONE
Vulnerable System Integrity
NONE
Vulnerable System Availability
LOW
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW
Weakness Type (CWE)
Uncontrolled Resource Consumption
CWE-400