Google gRPC CVE-2017-7861 Heap Based Buffer Overflow Vulnerability

Google gRPC is prone to a heap-based buffer-overflow vulnerability.

An attacker can exploit this issue to cause denial-of-service conditions. Due to the nature of this issue, code-execution may be possible but this has not been confirmed.

Information

Bugtraq ID: 97694
Class: Boundary Condition Error
CVE: CVE-2017-7861

Remote: Yes
Local: No
Published: Apr 14 2017 12:00AM
Updated: Apr 17 2017 07:07PM
Credit: The vendor reported this issue.
Vulnerable: Google gRPC 0

Not Vulnerable:

References:

• grpc: Crash in gpr_free (chromium.org)
  
• gRPC Homepage (Google)
  

Source: www.securityfocus.com