An exploitable denial-of-service vulnerability exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When utilizing a Stream Cipher and a local_address, arbitrary UDP packets can cause a FATAL error code path and exit. An attacker can send arbitrary UDP packets to trigger this vulnerability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: talos
Published: 2019-12-03T21:55:47
Updated: 2024-08-04T19:47:56.616Z
Reserved: 2019-01-04T00:00:00
Link: CVE-2019-5163
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-12-03T22:15:15.370
Modified: 2022-06-17T13:34:16.517
Link: CVE-2019-5163
Redhat
No data.