CVE-2023-3592 – mosquitto: memory leak leads to unresponsive broker
https://notcve.org/view.php?id=CVE-2023-3592
In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types. En Mosquitto anterior a 2.0.16, se produce una pérdida de memoria cuando los clientes envían paquetes CONNECT v5 con un mensaje de voluntad que contiene tipos de propiedades no válidos. A memory leak vulnerability was found in Eclipse Mosquitto. This issue is triggered by malicious initial packets or certain client actions and may allow a remote attacker to the deplete system resources causing memory exhaustion, leading to a disruption in services and a denial of service condition. • https://mosquitto.org/blog/2023/08/version-2-0-16-released https://security.gentoo.org/glsa/202401-09 https://access.redhat.com/security/cve/CVE-2023-3592 https://bugzilla.redhat.com/show_bug.cgi?id=2236882 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2023-28366 – mosquitto: memory leak leads to unresponsive broker
https://notcve.org/view.php?id=CVE-2023-28366
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function. El intermediario en Eclipse Mosquitto 1.3.2 hasta 2.x anterior a 2.0.16 tiene una pérdida de memoria de la que se puede abusar de forma remota cuando un cliente envía muchos mensajes QoS 2 con ID de mensajes duplicados y no responde a los comandos PUBREC. Esto ocurre debido a un mal manejo de EAGAIN desde la función de envío de libc. A memory leak vulnerability was found in Eclipse Mosquitto. • https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9 https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJ2FMBGVVQEQWTTQB7YLKTAHMX2UM66X https://mosquitto.org/blog/2023/08/version-2-0-16-released https://security.gentoo.org/glsa/202401-09 https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt https://www.debian • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2021-41039
https://notcve.org/view.php?id=CVE-2021-41039
In versions 1.6 to 2.0.11 of Eclipse Mosquitto, an MQTT v5 client connecting with a large number of user-property properties could cause excessive CPU usage, leading to a loss of performance and possible denial of service. En las versiones 1.6 a 2.0.11 de Eclipse Mosquitto, un cliente MQTT v5 que se conecte con un gran número de propiedades de usuario podría causar un uso excesivo de la CPU, conllevando a una pérdida de rendimiento y una posible denegación de servicio • https://bugs.eclipse.org/bugs/show_bug.cgi?id=575314 https://www.debian.org/security/2023/dsa-5511 • CWE-1050: Excessive Platform Resource Consumption within a Loop •
CVE-2021-34434
https://notcve.org/view.php?id=CVE-2021-34434
In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked. En Eclipse Mosquitto versiones 2.0 hasta 2.0.11, cuando se usa el plugin de seguridad dinámica, si se revoca la habilidad de un cliente para realizar suscripciones en un tema cuando un cliente duradero está fuera de línea, las suscripciones existentes para ese cliente no son revocadas. • https://bugs.eclipse.org/bugs/show_bug.cgi?id=575324 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4WWGVF5BUFPYPCFUPPP4KRIYI5OTJN2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLUUM52Y6AEICPXPSRRXC6OBY4H5XKW7 https://www.debian.org/security/2023/dsa-5511 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •
CVE-2021-34432
https://notcve.org/view.php?id=CVE-2021-34432
In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0. En Eclipse Mosquitto versiones 2.07 y anteriores, el servidor se bloqueará si el cliente intenta enviar un paquete PUBLISH con longitud de tema = 0 • https://bugs.eclipse.org/bugs/show_bug.cgi?id=574141 • CWE-20: Improper Input Validation •