Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2021-24029

UNKNOWN
Published 2021-03-15T21:15:16
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2021-24029. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message should be treated as a connection error. This issue affects mvfst versions prior to commit a67083ff4b8dcbb7ee2839da6338032030d712b0 and proxygen versions prior to v2021.03.15.00.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Facebook

mvfst

Affected Versions:

a67083ff4b8dcbb7ee2839da6338032030d712b0 unspecified
Facebook

proxygen

Affected Versions:

v2021.03.15.00 unspecified

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-hjc6-5p5c-w4wg

Advisory Details

A packet of death scenario is possible in mvfst via a specially crafted message during a QUIC session, which causes a crash via a failed assertion. Per QUIC specification, this particular message should be treated as a connection error. This issue affects mvfst versions prior to commit a67083ff4b8dcbb7ee2839da6338032030d712b0 and proxygen versions prior to v2021.03.15.00.

CVSS Scoring

CVSS Score

7.5

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2021-24029
WEB https://github.com/facebookincubator/mvfst/commit/a67083ff4b8dcbb7ee2839da6338032030d712b0
WEB https://www.facebook.com/security/advisories/cve-2021-24029

Advisory provided by GitHub Security Advisory Database. Published: May 24, 2022, Modified: May 24, 2022

References

https://github.com/facebookincubator/mvfst/commit/a67083ff4b8dcbb7ee2839da6338032030d712b0
https://www.facebook.com/security/advisories/cve-2021-24029
Published: 2021-03-15T21:15:16
Last Modified: 2024-08-03T19:21:17.115Z
Copied to clipboard!