CVE-2023-31517
https://notcve.org/view.php?id=CVE-2023-31517
A memory leak in the component CConsole::Chain of Teeworlds v0.7.5 allows attackers to cause a Denial of Service (DoS) via opening a crafted file. • http://teeworlds.com https://gist.github.com/manba-bryant/9ca95d69c65f4d2c55946932c946fb9b https://www.redpacketsecurity.com/teeworlds-denial-of-service-cve-2023-31517 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVE-2023-31518
https://notcve.org/view.php?id=CVE-2023-31518
A heap use-after-free in the component CDataFileReader::GetItem of teeworlds v0.7.5 allows attackers to cause a Denial of Service (DoS) via a crafted map file. • https://gist.github.com/manba-bryant/9ca95d69c65f4d2c55946932c946fb9b https://github.com/teeworlds/teeworlds/issues/2970 https://mmmds.pl/fuzzing-map-parser-part-1-teeworlds • CWE-416: Use After Free •
CVE-2021-43518
https://notcve.org/view.php?id=CVE-2021-43518
Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. A map parser does not validate m_Channels value coming from a map file, leading to a buffer overflow. A malicious server may offer a specially crafted map that will overwrite client's stack causing denial of service or code execution. Teeworlds versiones hasta 0.7.5 incluyéndola, es vulnerable a un desbordamiento del búfer. Un analizador de mapas no comprueba el valor m_Channels procedente de un archivo de mapas, conllevando a un desbordamiento del búfer. • https://github.com/teeworlds/teeworlds/issues/2981 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JIYZ7EVY6NZBM7FQF6GVUARYO6MKSEAT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OS2LI2RHQNUKUT3FKWYHRC27PLRWCHMZ https://mmmds.pl/fuzzing-map-parser-part-1-teeworlds • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •