Unrated severityNVD Advisory· Published Oct 11, 2024· Updated Oct 31, 2024
Memory leak
CVE-2024-8376
Description
In Eclipse Mosquitto up to version 2.0.18a, an attacker can achieve memory leaking, segmentation fault or heap-use-after-free by sending specific sequences of "CONNECT", "DISCONNECT", "SUBSCRIBE", "UNSUBSCRIBE" and "PUBLISH" packets.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Eclipse Foundation/Mosquittov5Range: 2.0.18
Patches
Vulnerability mechanics
References
8- github.com/eclipse-mosquitto/mosquitto/commit/1914b3ee2a18102d0a94cbdbbfeae1afa03edd17mitrepatch
- github.com/eclipse/mosquitto/releases/tag/v2.0.19mitrepatch
- gitlab.eclipse.org/security/cve-assignement/-/issues/26mitrevendor-advisory
- gitlab.eclipse.org/security/vulnerability-reports/-/issues/216mitreissue-tracking
- gitlab.eclipse.org/security/vulnerability-reports/-/issues/217mitreissue-tracking
- gitlab.eclipse.org/security/vulnerability-reports/-/issues/218mitreissue-tracking
- gitlab.eclipse.org/security/vulnerability-reports/-/issues/227mitreissue-tracking
- mosquitto.orgmitreproduct
News mentions
0No linked articles in our index yet.