wb2osz/direwolf <= 1.8.1 Stack-based Buffer Overflow DoS

wb2osz/direwolf (Dire Wolf) versions up to and including 1.8, prior to commit 694c954, contain a stack-based buffer overflow vulnerability in the function kiss_rec_byte() located in src/kiss_frame.c. When processing crafted KISS frames that reach the maximum allowed frame length (MAX_KISS_LEN), the function appends a terminating FEND byte without reserving sufficient space in the stack buffer. This results in an out-of-bounds write followed by an out-of-bounds read during the subsequent call to kiss_unwrap(), leading to stack memory corruption or application crashes. This vulnerability may allow remote unauthenticated attackers to trigger a denial-of-service condition.

N/A

栈缓冲区溢出

Dire Wolf 安全漏洞

Dire Wolf是wb2osz个人开发者的一个软件无线电调制解调器。 Dire Wolf 1.8及之前版本存在安全漏洞，该漏洞源于kiss_rec_byte函数存在栈缓冲区溢出，可能导致栈内存损坏或应用程序崩溃。

N/A

N/A