CVE-2023-28366:

The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.

CVE-2023-0809:

In Mosquitto before 2.0.16, excessive memory is allocated based on malicious initial packets that are not CONNECT packets.

CVE-2023-3592:

In Mosquitto before 2.0.16, a memory leak occurs when clients send v5 CONNECT packets with a will message that contains invalid property types.

Please stabilize >2.0.16.

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4d0f6ea3c6a5f6216ea75a4c6c7e960f7f2b08f3

commit 4d0f6ea3c6a5f6216ea75a4c6c7e960f7f2b08f3
Author: Matt Turner <mattst88@gentoo.org>
AuthorDate: 2023-11-29 17:40:36 +0000
Commit: Matt Turner <mattst88@gentoo.org>
CommitDate: 2023-11-29 17:41:14 +0000

    app-misc/mosquitto: Drop old versions

    Bug: https://bugs.gentoo.org/918540
    Signed-off-by: Matt Turner <mattst88@gentoo.org>

 app-misc/mosquitto/Manifest | 2 -
 app-misc/mosquitto/mosquitto-2.0.15-r1.ebuild | 127 --------------------------
 app-misc/mosquitto/mosquitto-2.0.17.ebuild | 127 --------------------------
 3 files changed, 256 deletions(-)

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=849726d04fc8e25ea56d3c54858506f82619e186

commit 849726d04fc8e25ea56d3c54858506f82619e186
Author: GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-01-07 09:13:27 +0000
Commit: Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-01-07 09:13:46 +0000

    [ GLSA 202401-09 ] Eclipse Mosquitto: Multiple Vulnerabilities

    Bug: https://bugs.gentoo.org/918540
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202401-09.xml | 44 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)