GHSA-5jfw-35xp-5m42
Suggest an improvement- Source
- https://github.com/advisories/GHSA-5jfw-35xp-5m42
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/04/GHSA-5jfw-35xp-5m42/GHSA-5jfw-35xp-5m42.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-5jfw-35xp-5m42
- Published
- 2022-04-05T17:53:22Z
- Modified
- 2024-12-05T05:39:20.852353Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Buffer length underflow in LoginPacket causing unchecked exceptions to be thrown
- Details
-
Impact
LoginPacketusesBinaryStream->getLInt()to read the lengths of JSON payloads it wants to decode. Unfortunately,BinaryStream->getLInt()returns a signed integer, meaning that a malicious client can craft a packet with a large uint32 value for payload buffer size (which would be interpreted as a negative signed int32), causingBinaryStream->get()to throw an exception.In the context of PocketMine-MP, this leads to a server crash when the vulnerability is exploited.
Patches
e3fce7632b94e83fd6a518a87dcaf6a11681c4ac
Workarounds
This can be worked around by registering a custom
LoginPacketimplementation intoPacketPoolwhich overrides this code to patch it.For more information
- Email us at team@pmmp.io
- Database specific
{ "nvd_published_at": null, "cwe_ids": [ "CWE-124" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2022-04-05T17:53:22Z" }- References
Affected packages
Packagist / pocketmine/bedrock-protocol
Package
- Name
- pocketmine/bedrock-protocol
- Purl
- pkg:composer/pocketmine/bedrock-protocol
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8.0.2
Affected versions
1.*
1.0.0+bedrock-1.17.10
1.1.0+bedrock-1.17.10
2.*
2.0.0+bedrock-1.17.30
3.*
3.0.0+bedrock-1.17.40
3.0.1+bedrock-1.17.40
3.0.2+bedrock-1.17.40
4.*
4.0.0+bedrock-1.17.40
4.0.1+bedrock-1.17.40
5.*
5.0.0+bedrock-1.17.40
5.1.0+bedrock-1.17.40
5.1.1+bedrock-1.17.40
5.1.2+bedrock-1.17.40
5.1.3+bedrock-1.17.40
6.*
6.0.0+bedrock-1.17.40
7.*
7.0.0+bedrock-1.18.0
7.1.0+bedrock-1.18.0
7.2.0+bedrock-1.18.0
7.3.0+bedrock-1.18.0
7.3.1+bedrock-1.18.0
8.*
8.0.0+bedrock-1.18.10
8.0.1+bedrock-1.18.10
8.0.2+bedrock-1.18.10