µD3TN NULL Pointer Dereference Vulnerability Allowing Remote Denial-of-Service

Vulnerability

A NULL pointer dereference vulnerability has been identified in µD3TN version 0.14.2. It is triggered when a remote attacker sends a bundle whose destination Endpoint Identifier (EID) uses the 'dtn' scheme and has a Service Specific Part (SSP) starting with a tilde. Processing the bundle causes an immediate segmentation fault, which crashes the µD3TN node and results in a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a segmentation fault, leading to a crash of the µD3TN node.

Reproduction

To reproduce this vulnerability, send a BPv7 bundle to a µD3TN node with the destination EID set to the 'dtn' scheme and a tilde-prefixed SSP, such as 'dtn://node18/~tele'. This can be done using a crafted bundle that includes the appropriate EID format. The µD3TN node will crash upon processing the bundle, confirming the presence of the vulnerability.

Remediation

Users can upgrade to µD3TN version 0.14.3, which addresses this vulnerability.
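For triaging logged or captured destination EIDs while the upgrade is rolled out, the following added example (not µD3TN's code and not the 0.14.3 fix) classifies an EID string and flags the shape quoted above, a 'dtn' EID whose demux begins with '~'. The enum and function names are hypothetical, and the node-name character set is this example's reading of the RFC 9171 dtn grammar.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names for this example; not taken from the µD3TN code base. */
enum eid_class {
    EID_INVALID,   /* NULL input, other scheme, or malformed dtn URI */
    EID_DTN_NONE,  /* "dtn:none", the null endpoint */
    EID_DTN_PLAIN, /* well-formed, demux does not start with '~' */
    EID_DTN_TILDE  /* well-formed, demux starts with '~' (advisory shape) */
};

/* Classify an EID string against the RFC 9171 dtn grammar:
 * "dtn:" ( "none" / "//" node-name "/" demux ). */
enum eid_class classify_dtn_eid(const char *eid)
{
    if (eid == NULL || strncmp(eid, "dtn:", 4) != 0)
        return EID_INVALID;
    const char *ssp = eid + 4;
    if (strcmp(ssp, "none") == 0)
        return EID_DTN_NONE;
    if (strncmp(ssp, "//", 2) != 0)
        return EID_INVALID;

    /* node-name: one or more of ALPHA / DIGIT / "-" / "." / "_" */
    const char *node = ssp + 2;
    size_t n = 0;
    while (node[n] != '\0' &&
           (isalnum((unsigned char)node[n]) || strchr("-._", node[n]) != NULL))
        n++;
    if (n == 0 || node[n] != '/')
        return EID_INVALID;

    /* demux: zero or more visible ASCII characters (0x21..0x7e) */
    const char *demux = node + n + 1;
    for (const unsigned char *p = (const unsigned char *)demux; *p != '\0'; p++)
        if (*p < 0x21 || *p > 0x7e)
            return EID_INVALID;
    return demux[0] == '~' ? EID_DTN_TILDE : EID_DTN_PLAIN;
}

int main(void)
{
    /* Constructed sample EIDs; the first is the one quoted in the advisory. */
    const char *samples[] = { "dtn://node18/~tele", "dtn://node18/tele", "dtn:none", "ipn:18.1" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-20s -> %d\n", samples[i], classify_dtn_eid(samples[i]));
    return 0;
}
```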

Added: Jul 25, 2025, 10:17 AM
Updated: Jul 25, 2025, 10:17 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 7.7
relevance: 0.3
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.