
Possible heap buffer overflow when COTP message with invalid size is received

Moderate
mzillgith published GHSA-pq77-fmf7-hjw8 Aug 25, 2020

Package

cotp.c

Affected versions

1.4.0 - 1.4.2.1

Patched versions

1.4.3

Description

Impact

When a message is received whose COTP message length field has a value < 4, an integer underflow occurs, leading to a heap buffer overflow.
This can cause an application crash or, on some platforms, even remote code execution.
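The length arithmetic behind this class of bug, as an added example that is not the project's code or its patch. It assumes a 4-byte header whose 16-bit big-endian length field counts the header itself; the function names and sample headers are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define HDR_SIZE 4u /* assumed header: version, reserved, 16-bit big-endian length */

/* Read the length field (assumed to count the header itself). */
static uint16_t total_len(const uint8_t *hdr)
{
    return (uint16_t)((hdr[2] << 8) | hdr[3]);
}

/* Unchecked form: arithmetic only, no copy is performed here.
 * For a length field below 4 the unsigned subtraction wraps around. */
static size_t payload_len_unchecked(const uint8_t *hdr)
{
    return (size_t)total_len(hdr) - HDR_SIZE;
}

/* Checked form: rejects lengths shorter than the header or larger than the
 * receive buffer. Returns 0 and stores the payload length, or -1 on reject. */
static int payload_len_checked(const uint8_t *hdr, size_t buf_capacity, size_t *out)
{
    uint16_t total = total_len(hdr);

    if (total < HDR_SIZE || total > buf_capacity)
        return -1;
    *out = (size_t)total - HDR_SIZE;
    return 0;
}

int main(void)
{
    /* Constructed sample headers: length field 2 (invalid) and 22 (valid). */
    const uint8_t bad[4] = {0x03, 0x00, 0x00, 0x02};
    const uint8_t ok[4]  = {0x03, 0x00, 0x00, 0x16};
    size_t n = 0;

    printf("unchecked, length 2: %zu bytes\n", payload_len_unchecked(bad));
    printf("checked, length 2: %d\n", payload_len_checked(bad, 1024, &n));
    if (payload_len_checked(ok, 1024, &n) == 0)
        printf("checked, length 22: %zu payload bytes\n", n);
    return 0;
}
```

The wrapped value is what a later read or copy into a fixed-size heap buffer would use as its byte count, which is why the length must be validated before any subtraction.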

Severity

If your application is used in open networks or there are untrusted nodes in the network, it is highly recommended to apply the patch.

Patches

The problem was patched with commit 033ab5b. Users of version 1.4.x should upgrade to version 1.4.3 when available.

Workarounds

As a workaround, the changes of commit 033ab5b can be applied to older versions.

References

see #250

For more information

If you have any questions or comments about this advisory:

Credits

leommxj from Chaitin Security Research Lab

Severity

Moderate

CVE ID

CVE-2020-15158

Weaknesses

No CWEs
