Posted by Ron E on Jan 05
This integer underflow vulnerability enables heap metadata corruption and
information disclosure through carefully crafted LMDB dump files.
*Impact:*
– *Denial of Service*: Immediate crash (confirmed)
– *Information Disclosure*: Heap metadata leak via OOB read
Root Cause: The readline() function fails to validate that the input line
length is non-zero before performing decrement operations, causing integer
underflow. An attacker can craft…
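
The missing length check described above, as an added example that is not from the original post or from LMDB's source: a hypothetical `strip_newline` helper that rejects a zero-length line before any decrement. The function names, status codes and sample inputs are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Status codes for the hypothetical helper (assumed names, not LMDB's). */
enum line_status { LINE_OK = 0, LINE_EMPTY = -1, LINE_UNTERMINATED = -2 };

/* What an unchecked "len - 1" yields. size_t is unsigned, so 0 - 1 wraps
 * to SIZE_MAX; using that value as an index reads far outside the buffer. */
static size_t unchecked_decrement(size_t len)
{
    return len - 1;
}

/* Hardened form: reject a zero-length line before any decrement.
 * buf/len describe the line as read; *out_len receives the length
 * without the trailing newline. */
static int strip_newline(char *buf, size_t len, size_t *out_len)
{
    if (out_len == NULL)
        return LINE_EMPTY;
    *out_len = 0;
    if (buf == NULL || len == 0)
        return LINE_EMPTY;            /* nothing to index or decrement */
    if (buf[len - 1] != '\n') {       /* safe: len >= 1 here */
        *out_len = len;
        return LINE_UNTERMINATED;     /* caller decides: truncated or EOF */
    }
    buf[len - 1] = '\0';
    *out_len = len - 1;
    return LINE_OK;
}

int main(void)
{
    char line[] = "sample line\n";    /* constructed sample input */
    char empty[] = "";                /* constructed zero-length line */
    size_t n = 0;
    int rc;

    printf("unchecked 0 - 1 = %zu\n", unchecked_decrement(0));
    rc = strip_newline(line, sizeof line - 1, &n);
    printf("normal: rc=%d len=%zu\n", rc, n);
    rc = strip_newline(empty, 0, &n);
    printf("empty:  rc=%d len=%zu\n", rc, n);
    return 0;
}
```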



