Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-26164: Don't brute-force reading the socket · KDE/kdeconnect-kde@8112729

In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack.

CVE
#dos#ssl

@@ -13,16 +13,19 @@

#include <QProcess>

#include <QEventLoop>

#include <QTimer>

#include <QSignalSpy>

class TestSocketLineReader : public QObject

{

Q_OBJECT

public Q_SLOTS:

void initTestCase();

void init();

void cleanup() { delete m_server; }

void newPacket();

private Q_SLOTS:

void socketLineReader();

void badData();

private:

QTimer m_timer;

@@ -33,8 +36,9 @@ private Q_SLOTS:

SocketLineReader* m_reader;

};

void TestSocketLineReader::initTestCase()

void TestSocketLineReader::init()

{

m_packets.clear();

m_server = new Server(this);

QVERIFY2(m_server->listen(QHostAddress::LocalHost, 8694), “Failed to create local tcp server”);

@@ -85,6 +89,29 @@ void TestSocketLineReader::socketLineReader()

}

}

void TestSocketLineReader::badData()

{

const QList<QByteArray> dataToSend = { "data1\n", “data” }; //does not end in a \n

for (const QByteArray& line : qAsConst(dataToSend)) {

m_conn->write(line);

}

m_conn->flush();

QSignalSpy spy(m_server, &QTcpServer::newConnection);

QVERIFY(m_server->hasPendingConnections() || spy.wait(1000));

QSslSocket* sock = m_server->nextPendingConnection();

QVERIFY2(sock != nullptr, “Could not open a connection to the client”);

m_reader = new SocketLineReader(sock, this);

connect(m_reader, &SocketLineReader::readyRead, this, &TestSocketLineReader::newPacket);

m_timer.start();

m_loop.exec();

QCOMPARE(m_packets.count(), 1);

QCOMPARE(m_packets[0], dataToSend[0]);

}

void TestSocketLineReader::newPacket()

{

int maxLoops = 5;

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907