[CVE-2020-26800] Stack based buffer overflow while parsing JSON file #5917
Stack based buffer overflow while parsing JSON file Leads to DoS
An attacker can supply a specially crafted config.json file, consisting of 3764 left square brackets or more, which results in segmentation fault by the application. This immediately results in Denial of Service, and with more advanced exploitation it can have further implications, with higher severity security issues.
Create a .json file consisting of 3764 left square brackets ([) or more. Run it using the following command;
The stack overflow can be examined with gdb (
I submitted this bug in the bug bounty program in Oct 05, 2020, but that kind of vulnerabilities are out of scope. As there was no intention to publish the vulnerability and issue a fix after 3 months I responsibly disclose the vulnerability with the intention to help the security team to fix the issue or mark the application as EOL if that's the case. As I didn't manage to properly compile the app with my fuzzers compiler I could use some insights on where the parser of the config file is.
In any case, I would be happy to help and assist with the issue.
Edit/Update: Github Issue creation for the issue has been approved.
Edit/Update 2: CVE has been issued. I will update once it is public.
Edit/Update 3: CVE has been published: https://nvd.nist.gov/vuln/detail/CVE-2020-26800
The text was updated successfully, but these errors were encountered: