Vulnerability Information
Vulnerability Title
Yamux remote Panic via malformed Data frame with SYN set and len = 262145
Vulnerability Description
Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. Prior to 0.13.10, the Rust implementation of Yamux can panic when processing a crafted inbound Data frame that sets SYN and uses a body length greater than DEFAULT_CREDIT (e.g. 262145). On the first packet of a new inbound stream, stream state is created and a receiver is queued before oversized-body validation completes. When validation fails, the temporary stream is dropped and cleanup may call remove(...).expect("stream not found"), triggering a panic in the connection state machine. This is remotely reachable over a normal Yamux session and does not require authentication. This vulnerability is fixed in 0.13.10.
CVSS Information
N/A
Vulnerability Type
Uncaught Exception
Vulnerability Title
Yamux Security Vulnerability
Vulnerability Description
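Yamux is a multiplexer open-sourced by libp2p (United States). Versions of Yamux prior to 0.13.10 contain a security vulnerability: processing a specially crafted inbound Data frame that sets SYN and uses a body length greater than DEFAULT_CREDIT can trigger a panic, which may crash the connection state machine.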
CVSS Information
N/A
Vulnerability Type
N/A
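The ordering problem in the description (state registered before the oversized-body check, then a cleanup that assumes the entry exists) is sketched below as an added Rust example; it is not the yamux crate's code or its actual patch. `Connection`, `on_header`, `close_stream`, `sample_header` and the `DEFAULT_CREDIT` value of 262144 are assumptions for illustration, and the 12-byte header layout follows the Yamux specification.

```rust
use std::collections::HashMap;

const DEFAULT_CREDIT: u32 = 256 * 1024; // assumed value: 262144, one below the page's 262145
const TYPE_DATA: u8 = 0; // Yamux frame type: Data
const FLAG_SYN: u16 = 1; // Yamux flag: SYN (opens a stream)
#[derive(Debug, PartialEq)]
enum Rejected { ShortHeader, BodyTooLarge }
struct Header { tag: u8, flags: u16, stream_id: u32, len: u32 }

// Yamux header: version(1) type(1) flags(2) stream id(4) length(4), big endian.
fn parse_header(b: &[u8]) -> Result<Header, Rejected> {
    if b.len() < 12 { return Err(Rejected::ShortHeader); }
    Ok(Header {
        tag: b[1], flags: u16::from_be_bytes([b[2], b[3]]),
        stream_id: u32::from_be_bytes([b[4], b[5], b[6], b[7]]),
        len: u32::from_be_bytes([b[8], b[9], b[10], b[11]]),
    })
}

#[derive(Default)]
struct Connection { streams: HashMap<u32, u32> } // stream id -> remaining receive credit
impl Connection {
    // Validate the body length first; only then create per-stream state.
    fn on_header(&mut self, raw: &[u8]) -> Result<(), Rejected> {
        let h = parse_header(raw)?;
        if h.tag == TYPE_DATA && h.len > DEFAULT_CREDIT {
            return Err(Rejected::BodyTooLarge); // nothing registered, nothing to clean up
        }
        if h.tag == TYPE_DATA && h.flags & FLAG_SYN != 0 {
            self.streams.insert(h.stream_id, DEFAULT_CREDIT - h.len);
        }
        Ok(())
    }
    // Cleanup reports an unknown id instead of calling expect("stream not found").
    fn close_stream(&mut self, id: u32) -> bool { self.streams.remove(&id).is_some() }
}

// Constructed sample header bytes for the demo (not captured traffic).
fn sample_header(flags: u16, id: u32, len: u32) -> Vec<u8> {
    let mut v = vec![0u8, TYPE_DATA];
    v.extend_from_slice(&flags.to_be_bytes());
    v.extend_from_slice(&id.to_be_bytes());
    v.extend_from_slice(&len.to_be_bytes());
    v
}

fn main() {
    let mut c = Connection::default();
    let r = c.on_header(&sample_header(FLAG_SYN, 1, DEFAULT_CREDIT + 1));
    println!("{:?}, stream left behind: {}", r, c.close_stream(1));
}
```

In a real deployment the remedy stated on the page is to upgrade to 0.13.10; the sketch only shows why validate-then-register and non-panicking cleanup keep a rejected frame from taking down the connection task.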