This repository was archived by the owner on Aug 2, 2021. It is now read-only.
This repository was archived by the owner on Aug 2, 2021. It is now read-only.
Remote Denial-of-service using malicious pss message in pss subprotocol #926
Description
| Attack scenario | An attacker can send a pss message with malicious parameters to attack a remote swarm node and make it crash |
|---|---|
| Components | Swarm client version 0.3.2 |
| Reproduction | Send a pss message with To length > 32 will lead to remote peer runtime error and crash it |
| Details | This bug was discovered by PeckShield and submitted through DVP platform. |
see https://docs.google.com/document/d/1Tw1vFnZzUT9JEK65SdXyS2U37_fVNgHoN2AO3MRtoGw/edit
Another:
| Attack scenario | An attacker can send a pss message with malicious parameters to attack a remote swarm node and make it crash |
|---|---|
| Components | Swarm client version 0.3.2 |
| Reproduction | Send a pss message with Control[] as an empty byte slice will trigger out-of-bound access and crash the remote node |
| Details | This bug was discovered by PeckShield and submitted through DVP platform. |