| Summary | In Eclipse Mosquito, versions from 2.0.0 through 2.0.18, if a Mosquitto broker is configured to create an outgoing bridge connection, and that bridge connection has an incoming topic configured that makes use of topic remapping, then if the remote connection sends a crafted PUBLISH packet to the broker a double free will occur with a subsequent crash of the broker. |
|---|---|
| Publication Date | Oct. 30, 2024, 9:15 p.m. |
| Registration Date | Oct. 31, 2024, 5 a.m. |
| Last Update | Nov. 1, 2024, 9:57 p.m. |
| Title | Eclipse Foundation の Eclipse Mosquitto における二重解放に関する脆弱性 |
|---|---|
| Summary | Eclipse Foundation の Eclipse Mosquitto には、二重解放に関する脆弱性が存在します。 |
| Possible impacts | サービス運用妨害 (DoS) 状態にされる可能性があります。 |
| Solution | ベンダアドバイザリまたはパッチ情報が公開されています。参考情報を参照して適切な対策を実施してください。 |
| Publication Date | Oct. 30, 2024, midnight |
| Registration Date | Jan. 30, 2025, 10:03 a.m. |
| Last Update | Jan. 30, 2025, 10:03 a.m. |
| Eclipse Foundation |
| Eclipse Mosquitto 2.0.0 以上 2.0.19 未満 |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [2025年01月30日] 掲載 |
Jan. 30, 2025, 10:03 a.m. |