CVE-2018-25021

2021-12-1301:15:07

Google

osv.dev

6.9 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.1%

JSON

The TCP Server module in toxcore before 0.2.8 doesn’t free the TCP priority queue under certain conditions, which allows a remote attacker to exhaust the system’s memory, causing a denial of service (DoS).

CPENameOperatorVersion
c-toxcoreeq0.1.0
c-toxcoreeq0.2.5
c-toxcoreeq0.0.1
c-toxcoreeq0.0.5
c-toxcoreeq0.1.8
c-toxcoreeq0.0.4
c-toxcoreeq0.1.4
c-toxcoreeq0.2.7
c-toxcoreeq0.1.7
c-toxcoreeq0.2.1

Name	Operator	Version
c-toxcore	eq	0.1.0
c-toxcore	eq	0.2.5
c-toxcore	eq	0.0.1
c-toxcore	eq	0.0.5
c-toxcore	eq	0.1.8
c-toxcore	eq	0.0.4
c-toxcore	eq	0.1.4
c-toxcore	eq	0.2.7
c-toxcore	eq	0.1.7
c-toxcore	eq	0.2.1