Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long encrypted messages in function AES_GCM_DecryptContext::Decrypt() when compiled using libsodium, leading to a Stack-Based Buffer Overflow and resulting in a memory corruption and possibly even a remote code execution.
CVSS Information
N/A
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Vulnerability Title
Valvesoftware GameNetworkingSockets 缓冲区错误漏洞
Vulnerability Description
Valvesoftware GameNetworkingSockets是美国维尔福(Valvesoftware)公司的一个用于游戏传递数据的传输层支持软件。 Valve Game Networking Sockets 1.2.0之前版本存在安全漏洞,该漏洞源于AES_GCM_DecryptContext::Decrypt()中不正确地处理长时间加密的消息,导致基于堆栈的缓冲区溢出,并导致内存损坏,甚至可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A