continental window
Challenge Information
Project: mongoose
Type: delta
Harnesses: 1
Vulnerabilities: 1
AFC Challenge Performance
Number of Unique Vulnerabilities Discovered: #
Number of Teams with Scoring PoVs: 4
Number of Teams with Scoring Patches: 2
Number of Teams with Scoring Bundles: 2
Total Points Scored for this Challenge: 24.205147971272087
What design decisions were considered for this challenge?
This challenge simulates a standard pull request containing a subtle vulnerability.
Why this set of vulnerabilities?
This challenge introduces a vulnerability from the initial implementation of handling IPv4 header options which allows for an out of bounds read.
Delta vs Full and why?
Delta format to represent a realistic pull request scenario.
Challenge Harnesses
- fuzz
Challenge Vulnerabilities
IPv4 Internet Protocol Options initial code
Vulnerability Information
Author: Dan
Harness: fuzz
CWE Classification: CWE-125
What functions and functionality are relevant?
This defect exists in some initial code developed to handle IPv4 Internet Protocol Options.
Why is this vulnerable?
The current net_builtin.c code assumes that there are no IPv4 Internet Protocol Options, and that the header is a fixed 20 bytes.
Is this a replay and/or is it inspired by anything?
This is not a replay.
What makes it interesting?
When Internet Protocol Options are present, the new IP payload offset is computed from the variable header length, but the existing packet size range check (written for a fixed 20-byte header) no longer bounds that offset. Therefore, it can lead to an out-of-bounds read of the packet data.
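The check that closes this class of defect is illustrated below as an added example; it is not code from mongoose or from the challenge, and the function names (`fixed_header_check_passes`, `ipv4_parse`, `ipv4_payload_offset`) and the two sample packets are constructed for this illustration. `fixed_header_check_passes` models the fixed-20-byte assumption described above without touching the packet bytes; `ipv4_parse` derives the header length from the IHL field and bounds both the header and the claimed total length by the number of bytes actually received before any payload offset is handed out.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define IPV4_MIN_HDR_LEN 20

/* Validated view of one IPv4 packet held in a buffer of `len` bytes. */
struct ipv4_view {
  size_t hdr_len;     /* IHL * 4: 20..60 bytes */
  size_t payload_off; /* first payload byte, equal to hdr_len */
  size_t payload_len; /* payload bytes present inside the buffer */
};

/* The fixed-header assumption: anything of at least 20 bytes is accepted.
 * Returns 1 when that check alone would let the packet through. It never
 * looks at IHL, so a later "offset = IHL * 4" may exceed `len`. */
int fixed_header_check_passes(const uint8_t *pkt, size_t len) {
  (void) pkt;
  return len >= IPV4_MIN_HDR_LEN;
}

/* Hardened parse: every offset is bounded by the received length before the
 * caller may read payload. Returns 0 on success, -1 if the packet is dropped. */
int ipv4_parse(const uint8_t *pkt, size_t len, struct ipv4_view *out) {
  if (pkt == NULL || out == NULL) return -1;
  if (len < IPV4_MIN_HDR_LEN) return -1;        /* not even a base header */
  if ((pkt[0] >> 4) != 4) return -1;            /* version must be 4 */
  size_t ihl = pkt[0] & 0x0f;
  if (ihl < 5) return -1;                        /* IHL below 5 is invalid */
  size_t hdr_len = ihl * 4;                      /* options make this > 20 */
  if (hdr_len > len) return -1;                  /* options run past the buffer */
  size_t total_len = ((size_t) pkt[2] << 8) | pkt[3];
  if (total_len < hdr_len) return -1;           /* total length shorter than header */
  if (total_len > len) return -1;               /* claimed length exceeds buffer: truncated */
  out->hdr_len = hdr_len;
  out->payload_off = hdr_len;
  out->payload_len = total_len - hdr_len;
  return 0;
}

/* Convenience wrapper: the validated payload offset, or 0 if rejected. */
size_t ipv4_payload_offset(const uint8_t *pkt, size_t len) {
  struct ipv4_view v;
  return ipv4_parse(pkt, len, &v) == 0 ? v.payload_off : 0;
}

/* Convenience wrapper: the validated payload length, or 0 if rejected. */
size_t ipv4_payload_length(const uint8_t *pkt, size_t len) {
  struct ipv4_view v;
  return ipv4_parse(pkt, len, &v) == 0 ? v.payload_len : 0;
}

/* Constructed sample: IHL=6 (one 4-byte option word), total length 28. */
const uint8_t good_pkt[28] = {
  0x46, 0x00, 0x00, 0x1c, /* version 4, IHL 6, TOS, total length 28 */
  0x00, 0x01, 0x00, 0x00, /* identification, flags/fragment offset */
  0x40, 0x11, 0x00, 0x00, /* TTL 64, protocol UDP, checksum (not verified here) */
  0x0a, 0x00, 0x00, 0x01, /* source 10.0.0.1 */
  0x0a, 0x00, 0x00, 0x02, /* destination 10.0.0.2 */
  0x01, 0x01, 0x01, 0x00, /* options: NOP, NOP, NOP, EOL */
  0xde, 0xad, 0xbe, 0xef  /* 4 payload bytes */
};

/* Constructed sample: only 22 bytes received, but IHL=15 claims a 60-byte
 * header. The 20-byte check passes; the IHL-derived offset would not. */
const uint8_t short_opts_pkt[22] = {
  0x4f, 0x00, 0x00, 0x3c, 0x00, 0x02, 0x00, 0x00,
  0x40, 0x11, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x01,
  0x0a, 0x00, 0x00, 0x02, 0x01, 0x01
};

int main(void) {
  printf("short_opts_pkt: fixed check passes=%d, hardened offset=%zu\n",
         fixed_header_check_passes(short_opts_pkt, sizeof short_opts_pkt),
         ipv4_payload_offset(short_opts_pkt, sizeof short_opts_pkt));
  printf("good_pkt: offset=%zu payload_len=%zu\n",
         ipv4_payload_offset(good_pkt, sizeof good_pkt),
         ipv4_payload_length(good_pkt, sizeof good_pkt));
  return 0;
}
```

The third sample case in the test passes `good_pkt` with a deliberately short `len` of 26: the 24-byte header still fits, but the total-length field claims 28 bytes, so the packet is rejected rather than silently clamped. Rejecting is the conservative choice for a parser that has no way to tell a truncated capture from a forged length field.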
