A stack-based buffer overflow in handle_request function in DHT.c in toxcore 0.1.9 up to and including 0.1.11 and 0.2.0 up to and including 0.2.12 (caused by an improper length calculation during the handling of received network packets) allows remote malicious users to crash the process or potentially execute arbitrary code via a network packet.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
toktok toxcore |
||
fedoraproject fedora 34 |
||
fedoraproject fedora 35 |