Nimiq Core Rust Albatross Discovery Handler Underflow Vulnerability Leading to Denial-of-Service
Vulnerability
The discovery handshake in nimiq/core-rs-albatross versions through 1.2.2 accepts a peer-supplied limit of zero and stores it without modification, so the session initially appears benign. Once the session is established, the node attempts to update the peer list based on the received limit. With a limit of zero, the calculation wraps around to the maximum value of an unsigned size, and the attempt to allocate a vector of that size panics with a capacity overflow. This issue has been resolved in version 1.3.0.
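The arithmetic described above, as an added Rust example (not code from nimiq/core-rs-albatross): the function names, the u16 limit type, the subtract-one step and the 1000-entry cap are assumptions made for illustration. It shows the wrapped value next to a validated and clamped alternative, plus an allocation that returns an error instead of panicking.

```rust
use std::collections::TryReserveError;

// Hypothetical cap on contacts per update (constructed value, not from the project).
const MAX_CONTACTS_PER_UPDATE: usize = 1000;

/// Handshake-time check: refuse a peer-supplied limit of zero instead of storing it.
fn validate_peer_limit(limit: u16) -> Result<u16, &'static str> {
    if limit == 0 {
        Err("peer limit must be non-zero")
    } else {
        Ok(limit)
    }
}

/// Unchecked pattern: the subtraction (assumed here) wraps to usize::MAX for limit 0,
/// which is what plain `-` does in a build without overflow checks.
fn update_count_wrapping(limit: u16) -> usize {
    (limit as usize).wrapping_sub(1)
}

/// Hardened pattern: saturate at zero, then clamp to a local upper bound.
fn update_count_checked(limit: u16) -> usize {
    (limit as usize).saturating_sub(1).min(MAX_CONTACTS_PER_UPDATE)
}

/// Fallible allocation: reports an oversized request as Err instead of panicking.
fn reserve_contacts(count: usize) -> Result<Vec<u64>, TryReserveError> {
    let mut contacts: Vec<u64> = Vec::new();
    contacts.try_reserve_exact(count)?;
    Ok(contacts)
}

fn main() {
    let peer_limit: u16 = 0; // constructed input: the value the advisory describes
    println!("validated: {:?}", validate_peer_limit(peer_limit));
    println!("wrapping count: {}", update_count_wrapping(peer_limit));
    println!("checked count:  {}", update_count_checked(peer_limit));
    println!("oversized reserve fails: {}", reserve_contacts(usize::MAX).is_err());
}
```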
Impact
Exploitation of this vulnerability triggers a capacity overflow panic that crashes the application, which can lead to a denial-of-service condition.
Remediation
Users can upgrade to Nimiq Core Rust Albatross version 1.3.0 to address this vulnerability.
