Ecosyste.ms: Advisories

Security Advisories: GSA_kwCzR0hTQS1jeDk0LW1yZzktcnE0as4AArBC

Pion/DTLS contains buffer for inbound DTLS fragments with no limit

Impact

A buffer that was used for inbound network traffic had no upper limit. Pion DTLS would buffer all network traffic from the remote user until the handshake completes or times out. An attacker could exploit this to cause excessive memory usage.

Patches

Upgrade to Pion DTLS v2.1.4

Workarounds

No workarounds available, upgrade to Pion DTLS v2.1.4

References

Thank you to Juho Nurminen and the Mattermost team for discovering and reporting this.

For more information

If you have any questions or comments about this advisory:

• Open an issue in Pion DTLS
• Email us at [email protected]

Permalink: https://github.com/advisories/GHSA-cx94-mrg9-rq4j
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1jeDk0LW1yZzktcnE0as4AArBC
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: almost 2 years ago
Updated: 8 months ago

CVSS Score: 5.3
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Identifiers: GHSA-cx94-mrg9-rq4j, CVE-2022-29189
References:

• https://github.com/pion/dtls/security/advisories/GHSA-cx94-mrg9-rq4j
• https://nvd.nist.gov/vuln/detail/CVE-2022-29189
• https://github.com/pion/dtls/commit/a6397ff7282bc56dc37a68ea9211702edb4de1de
• https://github.com/pion/dtls/releases/tag/v2.1.4
• https://pkg.go.dev/vuln/GO-2022-0461
• https://github.com/advisories/GHSA-cx94-mrg9-rq4j

Repository: https://github.com/pion/dtls
Blast Radius: 16.0

Affected Packages