oss-sec mailing list archives

Re: CVE Request : Libtorrent 1.1.0 inflate_gzip denial of service


From: cve-assign () mitre org
Date: Thu, 8 Sep 2016 02:56:08 -0400 (EDT)

I recently opened a bug on "Libtorrent 1.1.0" regarding malformed GZIP
encoded responses that cause denial of service.

For example, an attacker-controlled torrent tracker can crash victim torrent 
clients by sending malformed GZIP responses.

This bug has been fixed by the maintainer in master and the branch RC_1_1:

https://github.com/arvidn/libtorrent/issues/1021

https://github.com/arvidn/libtorrent/pull/1022

I also tested the bug with two "Libtorrent based" softwares:
qBittorrent and Deluge. Both of them were affected and crashed on
receiving the malformed response.

https://github.com/arvidn/libtorrent/commit/debf3c6e3688aab8394fe5c47737625faffe6f9e

puff.cpp

Use CVE-2016-7164.

--
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]

