Lack of Packet Sanitation in Goflow Results in Multiple DoS Attack Vectors and Bugs
High
Cloudflare Public Bug Bounty
Team Summary
Official summary from Cloudflare Public Bug Bounty
The sflow decode package of the [Goflow](https://github.com/cloudflare/goflow) application did not implement sufficient packet sanitisation, which could lead to a denial of service attack. Attackers could craft malformed packets causing the process to consume large amounts of memory, resulting in a denial of service. The issue has been fixed by the Cloudflare Engineering team in the 3.4.4 Goflow release.
Reported by
path_network
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Bounty
$500.00
Weakness
Uncontrolled Resource Consumption
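
An added example, not Goflow's code and not the fix shipped in 3.4.4: a Go decoder for a hypothetical count-prefixed record format, showing the kind of bounds check that keeps a malformed packet from driving memory use, as the summary above describes. The packet layout, `maxRecords`, `recordHeader` and `DecodeRecords` are assumptions made for illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// Assumed limits for this sketch; not values from Goflow.
const maxRecords, recordHeader = 1024, 8 // header = 4-byte type + 4-byte length

var ErrMalformed = errors.New("malformed packet")

// DecodeRecords parses a hypothetical layout: a uint32 record count, then
// per record a uint32 type, a uint32 payload length and the payload bytes.
func DecodeRecords(pkt []byte) ([][]byte, error) {
	if len(pkt) < 4 {
		return nil, ErrMalformed
	}
	count := binary.BigEndian.Uint32(pkt[:4])
	rest := pkt[4:]
	// Reject a count that cannot fit in the bytes actually received,
	// before any allocation is sized from the untrusted field.
	if count > maxRecords || uint64(count)*recordHeader > uint64(len(rest)) {
		return nil, ErrMalformed
	}
	records := make([][]byte, 0, count)
	for i := uint32(0); i < count; i++ {
		if len(rest) < recordHeader {
			return nil, ErrMalformed
		}
		length := binary.BigEndian.Uint32(rest[4:8])
		rest = rest[recordHeader:]
		if uint64(length) > uint64(len(rest)) { // claimed length exceeds data
			return nil, ErrMalformed
		}
		records = append(records, rest[:length])
		rest = rest[length:]
	}
	return records, nil
}

func main() {
	// Constructed sample: one record of type 1 with a 2-byte payload.
	fmt.Println(DecodeRecords([]byte{0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 2, 0xAA, 0xBB}))
	// Constructed sample: count field far larger than the data that follows.
	fmt.Println(DecodeRecords([]byte{0xFF, 0xFF, 0xFF, 0xFF, 0, 0, 0, 0}))
}
```
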