NanoMQ Buffer Overflow Vulnerability in PUBLISH Packet Handling

Vulnerability

A buffer overflow vulnerability has been identified in NanoMQ versions prior to 0.24.4. The issue arises when the message broker handles PUBLISH packets that trigger both shared and vanilla subscriptions. The overflow occurs in the 'pub_handler' component and can lead to memory corruption.

Impact

Exploitation of this vulnerability causes a heap-based buffer overflow, which can lead to memory corruption and potentially allow for arbitrary code execution.

Reproduction

The vulnerability can be reproduced by sending PUBLISH packets that activate both shared and vanilla subscriptions while using NanoMQ version 0.24.2. This can be done by publishing messages to a topic that has shared subscriptions enabled, which will trigger the buffer overflow in the 'pub_handler' component.

Remediation

Users can upgrade to NanoMQ version 0.24.4 or later to address this vulnerability. As an alternative, shared subscriptions can be disabled to mitigate the issue.
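
A triage aid for the remediation above, added here as an example (it is not NanoMQ code or part of the original advisory): it flags broker versions older than 0.24.4 and lists shared/vanilla subscription filter pairs that a single PUBLISH could match. The subscription list is constructed sample data, and obtaining it from your broker is left as an assumption; the `$share/{group}/{filter}` form is the MQTT 5 shared subscription syntax.

```python
import re
from itertools import zip_longest

FIXED = (0, 24, 4)  # first fixed release, per the advisory

def is_vulnerable(version: str) -> bool:
    """True when the dotted version string is older than 0.24.4."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    return tuple(int(g) for g in m.groups()) < FIXED

def split_shared(flt: str):
    """Return (share group or None, underlying topic filter)."""
    if flt.startswith("$share/"):
        parts = flt.split("/", 2)
        if len(parts) == 3 and parts[1] and parts[2]:
            return parts[1], parts[2]
    return None, flt

def filters_overlap(a: str, b: str) -> bool:
    """True if at least one topic name matches both MQTT filters."""
    la, lb = a.split("/"), b.split("/")
    # A leading wildcard never matches topics that start with '$' (e.g. $SYS).
    for x, y in ((la, lb), (lb, la)):
        if x[0] in ("+", "#") and y[0].startswith("$"):
            return False
    for x, y in zip_longest(la, lb):
        if x == "#" or y == "#":       # '#' covers the parent and everything below
            return True
        if x is None or y is None:     # one filter is longer, no '#' to absorb it
            return False
        if x != "+" and y != "+" and x != y:
            return False
    return True

def exposed_pairs(subs):
    """Unique (shared filter, vanilla filter) pairs that one PUBLISH can hit."""
    shared, vanilla = [], []
    for _client, flt in subs:
        group, topic = split_shared(flt)
        (shared if group else vanilla).append((flt, topic))
    return sorted({(s, v) for s, st in shared for v, vt in vanilla
                   if filters_overlap(st, vt)})

# Constructed sample: (client id, subscription filter)
SAMPLE = [("sensor-ui", "plant/+/temp"), ("audit", "$SYS/#"),
          ("worker-1", "$share/workers/plant/line1/#"),
          ("worker-2", "$share/workers/plant/line1/#"),
          ("logger", "office/hvac")]
```

An empty result from `exposed_pairs` on a vulnerable version means no current subscriptions overlap, not that the broker is safe; upgrading remains the fix.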

Added: Dec 15, 2025, 9:36 PM
Updated: Dec 15, 2025, 9:36 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 10.0
exploitability: 6.2
remediation: 8.3
relevance: 1.5
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.