Note:
This project will be discontinued after December 13, 2021. [more]
2019-04-05
In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData() and CDataFileReader::ReplaceData() and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution.
Products | Teeworlds |
Type | Out-of-bounds Write (CWE-787) |
First patch | - None (likely due to unavailable code) |
Patches | https://github.com/teeworlds/teeworlds/issues/2073 |
Links |
• http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00077.html
• http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00046.html • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5KCS2CFDYJFBLZ4QKVPNJWHOZEGQ2LBC/ |