Free of Memory not on the Heap

CVE-2020-6016

High

9.8/10

Summary

Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments with negative offsets in function SNP_ReceiveUnreliableSegment(), leading to a Heap-Based Buffer Underflow and a free() of memory not from the heap, resulting in a memory corruption and probably even a remote code execution.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-590 - Free of Memory not on the Heap

The application calls free() on a pointer to memory that was not allocated using associated heap allocation functions such as malloc(), calloc(), or realloc().

References

Advisory Timeline

Published Nov 18, 2020

Free of Memory not on the Heap

CVE-2020-6016

Summary

CWE-590 - Free of Memory not on the Heap

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS