Impact
A vulnerability exists in Net::BitTorrent versions up to 2.0.1 for Perl where the peer-wire framing routine accepts a 4-byte length prefix without imposing any bound. The receiving routine appends all inbound bytes to a buffer and delays decoding until the full length advertised by the peer is available. This flaw, classified as CWE-400 (Uncontrolled Resource Consumption) and CWE-770 (Memory Leak or Unbounded Memory Usage), allows an attacker to advertise a length near 4 GiB, prompting the process to allocate an equivalent buffer and consume large amounts of memory. Any unauthenticated peer in a swarm can exploit this unverified length field, causing the BitTorrent client to exhaust available memory and potentially crash or become unresponsive, thereby denying service to legitimate users.
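The framing described above with the missing bound put in place, as an added example (not code from Net::BitTorrent or its author). The names `feed_frames` and `MAX_FRAME` are hypothetical, and the cap value is an assumed policy that a client would tune to the largest message it expects.

```perl
use strict;
use warnings;

# Assumed policy: 9 bytes of piece-message header plus a 128 KiB block.
# Pick the cap from the largest legitimate message your client accepts.
use constant MAX_FRAME => 9 + 128 * 1024;

# Append newly received bytes to the per-peer buffer and return every
# complete frame. Dies when a peer advertises a length above MAX_FRAME,
# so the caller can close the connection and discard the buffer.
sub feed_frames {
    my ($buf_ref, $chunk) = @_;
    $$buf_ref .= $chunk;
    my @frames;
    while (length($$buf_ref) >= 4) {
        my $len = unpack 'N', $$buf_ref;    # 4-byte big-endian length prefix
        # Validate the advertised length BEFORE waiting for the body, so
        # the buffer never holds more than MAX_FRAME + 4 bytes per frame.
        die "peer-wire frame of $len bytes exceeds cap\n" if $len > MAX_FRAME;
        last if length($$buf_ref) < 4 + $len;    # frame still incomplete
        my $body = substr($$buf_ref, 4, $len);
        substr($$buf_ref, 0, 4 + $len, '');      # consume the frame
        push @frames, $len == 0
            ? { type => 'keep-alive' }
            : { id => ord(substr($body, 0, 1)), payload => substr($body, 1) };
    }
    return @frames;
}

# Constructed sample input: an unchoke message (id 1) and a keep-alive,
# followed by a header that advertises 0xFFFFFFFF bytes.
my $buf = '';
my @ok = feed_frames(\$buf, pack('N C', 1, 1) . pack('N', 0));
printf "parsed %d frames, %d bytes left in buffer\n", scalar @ok, length $buf;

my @bad = eval { feed_frames(\$buf, pack('N', 0xFFFFFFFF) . 'x') };
print "rejected: $@" if $@;
```

The sample run parses the two well-formed frames and rejects the oversized header as soon as its four length bytes arrive, before any of the advertised body is buffered.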
Affected Systems
The affected product is Net::BitTorrent, a Perl module used to build BitTorrent clients. All releases through version 2.0.1 are vulnerable. No specific patch version is currently provided by the CNA; the module remains vulnerable until a fixed release is issued by SANKO.
Risk and Exploitability
The attack vector is remote, via the peer-wire protocol used by BitTorrent peers. Because peer connections are unauthenticated, any malicious peer can initiate the attack. The exploit requires no special privileges or additional software beyond a standard BitTorrent client. The CVSS score of 7.5 denotes high severity. No EPSS score or KEV entry is listed, but the lack of mitigation mechanisms in the library and the potential for large memory consumption make this a high-risk denial-of-service flaw.