Unrated severityNVD Advisory· Published Dec 3, 2019· Updated Aug 4, 2024
CVE-2019-5163
CVE-2019-5163
Description
An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Shadowsocks-libev/Shadowsocks-libevdescription
- Range: =3.3.2
- osv-coords3 versionspkg:rpm/opensuse/shadowsocks-libev&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/shadowsocks-libev&distro=openSUSE%20Tumbleweedpkg:rpm/suse/shadowsocks-libev&distro=SUSE%20Package%20Hub%2015%20SP1
< 3.3.3-lp151.2.3.1+ 2 more
- (no CPE)range: < 3.3.3-lp151.2.3.1
- (no CPE)range: < 3.3.5-1.9
- (no CPE)range: < 3.3.3-bp151.5.3.1
Patches
Vulnerability mechanics
References
3- lists.opensuse.org/opensuse-security-announce/2019-12/msg00023.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2020-01/msg00061.htmlmitrevendor-advisoryx_refsource_SUSE
- talosintelligence.com/vulnerability_reports/TALOS-2019-0956mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.