Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-48468: unsigned integer overflow · Issue #499 · protobuf-c/protobuf-c

protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member.

CVE
#git

Bug: len - pref_len will cause integer overlow.
Sugested fix below:

diff --git a/protobuf-c/protobuf-c.c b/protobuf-c/protobuf-c.c
index ad1bdb1…fe5ae91 100644
— a/protobuf-c/protobuf-c.c
+++ b/protobuf-c/protobuf-c.c
@@ -2604,10 +2604,13 @@ parse_required_member(ScannedMember *scanned_member,
return FALSE;

            def_mess = scanned_member->field->default_value;
  •             subm = protobuf_c_message_unpack(scanned_member->field->descriptor,
    
  •                     subm = protobuf_c_message_unpack(scanned_member->field->descriptor,
                                                 allocator,
                                                 len - pref_len,
                                                 data + pref_len);
    
  •                     subm = NULL;
      
                if (maybe_clear &&
                    *pmessage != NULL &&

Related news

Gentoo Linux Security Advisory 202408-33

Gentoo Linux Security Advisory 202408-33 - Multiple vulnerabilities have been discovered in protobuf-c, the worst of which could result in denial of service. Versions greater than or equal to 1.4.1 are affected.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907