CVE-2020-36400
Description
ZeroMQ libzmq 4.3.3 heap buffer overflow in zmq::tcp_read allows unauthenticated remote attackers to cause denial of service or potential code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
ZeroMQ libzmq 4.3.3 heap buffer overflow in zmq::tcp_read allows unauthenticated remote attackers to cause denial of service or potential code execution.
Vulnerability
ZeroMQ libzmq version 4.3.3 contains a heap-based buffer overflow in the zmq::tcp_read function [1]. This is a distinct vulnerability from CVE-2021-20235. The overflow occurs when processing specially crafted network messages, leading to memory corruption.
Exploitation
An unauthenticated attacker can exploit this vulnerability by sending a maliciously crafted message to a service using the affected libzmq version. No prior authentication or special privileges are required. The attacker only needs network access to the target.
Impact
Successful exploitation results in a heap-based buffer overflow, which can cause a denial of service (crash) or potentially allow arbitrary code execution in the context of the affected process.
Mitigation
The vulnerability was addressed in commit 397ac80 [2], which makes the static allocator's resize method a no-op to prevent the overflow. Users should update to a version of libzmq that includes this fix (e.g., any release after 4.3.3). No workarounds are documented.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- ZeroMQ/libzmqdescription
Patches
1397ac80850bfProblem: ZMTP v1 static allocator is needlessly resized
1 file changed · +2 −1
src/decoder_allocators.hpp+2 −1 modified@@ -58,7 +58,8 @@ class c_single_allocator std::size_t size () const { return _buf_size; } - void resize (std::size_t new_size_) { _buf_size = new_size_; } + // This buffer is fixed, size must not be changed + void resize (std::size_t new_size_) { LIBZMQ_UNUSED (new_size_); } private: std::size_t _buf_size;
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
3- bugs.chromium.org/p/oss-fuzz/issues/detailmitrex_refsource_MISC
- github.com/google/oss-fuzz-vulns/blob/main/vulns/libzmq/OSV-2020-1887.yamlmitrex_refsource_MISC
- github.com/zeromq/libzmq/commit/397ac80850bf8d010fae23dd215db0ee2c677306mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.