p2r3 Bareiron Out-of-Bounds Read Vulnerability Allowing Information Leakage
Vulnerability
An out-of-bounds read vulnerability has been identified in p2r3 Bareiron, a minimalist Minecraft server designed for memory-restrictive embedded systems. This vulnerability, present in versions starting from commit 269e8346ebfb97177f6e11ebd108149920c86fd0, allows unauthenticated remote attackers to leak relative information by sending specially crafted packets to the server. The issue arises because the server does not properly validate user-controlled integers before processing them, leading to unauthorized memory access and information disclosure.
Impact
Exploitation of this vulnerability allows for controlled out-of-bounds memory access, potentially leading to arbitrary memory read operations and information leakage.
Reproduction
To reproduce this vulnerability, send a packet to the server that includes an unvalidated integer value. The server will process this value without proper checks, allowing for out-of-bounds access to the player's inventory data. This can be done by manipulating the hotbar field in the packet, which is then used to access inventory items and counts, causing out-of-bounds reads of up to 255 bytes.
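The missing check described above, sketched as an added example (not Bareiron's own code): a hotbar value taken from a packet is validated before it is stored, and validated again where it indexes the inventory arrays. The struct layout, the slot counts (9 and 41) and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed sizes and layout for illustration; not Bareiron's real structures. */
#define HOTBAR_SLOTS    9
#define INVENTORY_SLOTS 41

typedef struct {
    uint8_t  hotbar;                           /* selected slot, set from the wire */
    uint16_t inventory_items[INVENTORY_SLOTS];
    uint8_t  inventory_count[INVENTORY_SLOTS];
} Player;

/* Weak pattern: the wire value is stored as-is, so any 0..255 becomes an index. */
void set_held_slot_unchecked(Player *p, uint8_t wire_slot) {
    p->hotbar = wire_slot;
}

/* Hardened parse step: reject anything outside the hotbar before storing it. */
int set_held_slot(Player *p, int32_t wire_slot) {
    if (wire_slot < 0 || wire_slot >= HOTBAR_SLOTS)
        return -1;                             /* drop the packet, keep old state */
    p->hotbar = (uint8_t)wire_slot;
    return 0;
}

/* Use site re-checks the index, so a stale or corrupted value cannot read past the arrays. */
int held_item(const Player *p, uint16_t *item, uint8_t *count) {
    if (p->hotbar >= HOTBAR_SLOTS)
        return -1;
    *item  = p->inventory_items[p->hotbar];
    *count = p->inventory_count[p->hotbar];
    return 0;
}

int main(void) {
    Player p = {0};
    uint16_t item; uint8_t count;
    p.inventory_items[3] = 42; p.inventory_count[3] = 7;   /* constructed sample state */
    printf("slot 3 accepted: %d\n", set_held_slot(&p, 3) == 0);
    printf("slot 200 rejected: %d\n", set_held_slot(&p, 200) == -1);
    set_held_slot_unchecked(&p, 200);          /* simulate the unvalidated store */
    printf("lookup refused: %d\n", held_item(&p, &item, &count) == -1);
    return 0;
}
```

Checking at both the parse boundary and the use site means a single missed validation path does not turn into an out-of-bounds read.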
