CVE-2023-48230 – Cap'n Proto WebSocket message can cause crash

https://notcve.org/view.php?id=CVE-2023-48230

Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a buffer underrun can be caused by a remote peer. The underrun always writes a constant value that is not attacker-controlled, likely resulting in a crash, enabling a remote denial-of-service attack. Most Cap'n Proto and KJ users are unlikely to have this functionality enabled and so unlikely to be affected. Maintainers suspect only the Cloudflare Workers Runtime is affected. If KJ HTTP is used with WebSocket compression enabled, a malicious peer may be able to cause a buffer underrun on a heap-allocated buffer. • https://github.com/capnproto/capnproto/commit/75c5c1499aa6e7690b741204ff9af91cce526c59 https://github.com/capnproto/capnproto/commit/e7f22da9c01286a2b0e1e5fbdf3ec9ab3aa128ff https://github.com/capnproto/capnproto/security/advisories/GHSA-r89h-f468-62w3 • CWE-124: Buffer Underwrite ('Buffer Underflow') CWE-787: Out-of-bounds Write •