Skip to content

Negative-numbered frame SFX causes game crash

Moderate
oldmud0 published GHSA-fg27-9r2v-r9p8 Mar 29, 2021

Package

No package listed

Affected versions

2.8.4-2.8.5.1

Patched versions

2.9.0

Description

Impact

A specially crafted MS (in-character) packet that includes a negative frame number in the Frame SFX field will cause a game crash. Such a packet can be sent by any user in a 2.8-enabled server and will crash all users in that area. This is a denial-of-service exploit.

Patches

The issue is fixed in the 2.9.0 client.

Workarounds

Server implementations may attempt to sanitize the Frame SFX field and block messages with invalid input.

Severity

Moderate

CVE ID

No known CVE

Weaknesses

No CWEs

Credits