CVE-2021-43518

Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. A map parser does not validate m_Channels value coming from a map file, leading to a buffer overflow. A malicious server may offer a specially crafted map that will overwrite client's stack causing denial of service or code execution.

References

Affected packages

Debian:11 / teeworlds

Package

Name: teeworlds
Purl: pkg:deb/debian/teeworlds?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.7.5-1

0.7.5-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / teeworlds

Package

Name: teeworlds
Purl: pkg:deb/debian/teeworlds?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.7.5-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / teeworlds

Package

Name: teeworlds
Purl: pkg:deb/debian/teeworlds?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.7.5-2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/teeworlds/teeworlds

Affected ranges

Type: GIT
Repo: https://github.com/teeworlds/teeworlds
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

4fc25a17fef3e6c2bf4d52b0421e0d69ecaa1e79

Affected versions

0.*

0.5-endofline

0.6-endofline

0.6-start

0.6.0-release

0.6.1-release

0.7-start

0.7.0

0.7.1

0.7.2

0.7.3

0.7.3.1

0.7.4

0.7.5