Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
libp2p-gossipsub: Gossipsub PRUNE Backoff Heartbeat Instant Overflow
Vulnerability Description
libp2p-rust is the official rust language Implementation of the libp2p networking stack. Prior to version 0.49.4, the Rust libp2p Gossipsub implementation contains a remotely reachable panic in backoff expiry handling. After a peer sends a crafted PRUNE control message with an attacker-controlled, near-maximum backoff value, the value is accepted and stored as an Instant near the representable upper bound. On a later heartbeat, the implementation performs unchecked Instant + Duration arithmetic (backoff_time + slack), which can overflow and panic with: overflow when adding duration to instant. This issue is reachable from any Gossipsub peer over normal TCP + Noise + mplex/yamux connectivity and requires no further authentication beyond becoming a protocol peer. This issue has been patched in version 0.49.4.
CVSS Information
N/A
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
rust-libp2p 安全漏洞
Vulnerability Description
rust-libp2p是libp2p开源的一种 libp2p 网络堆栈的 Rust 实现。 rust-libp2p 0.49.4之前版本存在安全漏洞,该漏洞源于处理特制PRUNE控制消息时未检查Instant和Duration的算术运算,可能导致远程内核崩溃。
CVSS Information
N/A
Vulnerability Type
N/A