Negative SubACK Causes Out-of-Bounds Memory Access in Mosquitto Subscribers
CVE-2024-10525
9.8 CRITICAL
Summary
Eclipse Mosquitto clients, specifically those using libmosquitto, are susceptible to an out-of-bounds memory access when a malicious broker sends a crafted SUBACK packet that contains no reason codes. This vulnerability affects the mosquitto_sub and mosquitto_rr clients, posing a risk to data integrity and stability while subscriptions are being confirmed. Users running versions 1.3.2 through 2.0.18 should upgrade to the latest version to mitigate potential exploitation.
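The defensive check at issue is a length validation on the SUBACK payload: a client must confirm that at least one reason code is present before indexing into the payload. The following is an added, hypothetical MQTT v3.1.1 SUBACK parser written for this page to illustrate that check; it is not libmosquitto's own code. It assumes the single-byte remaining-length encoding (payloads under 128 bytes) and the v3.1.1 layout (no v5 properties), and the sample packets are constructed, not captured from a real broker.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical SUBACK parser for illustration (not Mosquitto code).
 * MQTT v3.1.1 SUBACK layout:
 *   byte 0: packet type 0x90
 *   byte 1: remaining length (single-byte form assumed: < 128)
 *   bytes 2-3: packet identifier
 *   bytes 4..: one reason code per subscribed topic; the spec requires
 *              at least one, so an empty payload is malformed. */

#define SUBACK_OK          0
#define SUBACK_ERR_SHORT  -1  /* buffer too small for the headers        */
#define SUBACK_ERR_TYPE   -2  /* not a SUBACK packet                     */
#define SUBACK_ERR_LEN    -3  /* remaining length disagrees with buffer  */
#define SUBACK_ERR_EMPTY  -4  /* no reason codes: the malformed case     */

struct suback {
    uint16_t packet_id;
    const uint8_t *codes;  /* points into the caller's buffer */
    size_t ncodes;
};

int parse_suback(const uint8_t *buf, size_t len, struct suback *out)
{
    if (len < 2) return SUBACK_ERR_SHORT;
    if ((buf[0] & 0xF0) != 0x90) return SUBACK_ERR_TYPE;
    size_t remaining = buf[1];
    if (remaining >= 128) return SUBACK_ERR_LEN;       /* multi-byte length: unsupported here */
    if (len < 2 + remaining) return SUBACK_ERR_LEN;    /* truncated on the wire */
    if (remaining < 2) return SUBACK_ERR_SHORT;        /* no packet identifier */
    size_t ncodes = remaining - 2;
    if (ncodes == 0) return SUBACK_ERR_EMPTY;          /* reject before any payload access */
    out->packet_id = (uint16_t)((buf[2] << 8) | buf[3]);
    out->codes = buf + 4;
    out->ncodes = ncodes;
    return SUBACK_OK;
}

/* Safe accessor: callers read reason codes only through the bounded view. */
int suback_code_at(const struct suback *s, size_t i, uint8_t *code)
{
    if (i >= s->ncodes) return -1;
    *code = s->codes[i];
    return 0;
}

/* Constructed sample packets (not captured traffic). */
static const uint8_t SAMPLE_GOOD[]  = { 0x90, 0x03, 0x00, 0x01, 0x01 }; /* id 1, QoS 1 granted */
static const uint8_t SAMPLE_EMPTY[] = { 0x90, 0x02, 0x00, 0x01 };       /* id 1, no reason codes */

int check_sample_good(void)
{
    struct suback s;
    return parse_suback(SAMPLE_GOOD, sizeof SAMPLE_GOOD, &s);
}

int check_sample_empty(void)
{
    struct suback s;
    return parse_suback(SAMPLE_EMPTY, sizeof SAMPLE_EMPTY, &s);
}

/* Returns the first granted QoS of the good sample, or -1 if unavailable. */
int first_code_good(void)
{
    struct suback s;
    uint8_t code;
    if (parse_suback(SAMPLE_GOOD, sizeof SAMPLE_GOOD, &s) != SUBACK_OK) return -1;
    if (suback_code_at(&s, 0, &code) != 0) return -1;
    return code;
}

int main(void)
{
    printf("well-formed SUBACK: status %d, first code %d\n", check_sample_good(), first_code_good());
    printf("empty SUBACK:       status %d (rejected)\n", check_sample_empty());
    return 0;
}
```

The point of the layout is that every read of a reason code goes through `suback_code_at`, which is bounded by the count derived from the validated remaining length; a SUBACK with no reason codes never reaches the accessor at all.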
Affected Version(s)
mosquitto >= 1.3.2, <= 2.0.18
References
CVSS V3.1
Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Qingpeng Du