Summaryinfo

A vulnerability, which was classified as critical, has been found in The Isle Evrima on Windows/Linux. This affects the function FTcpListener of the component RCON Port Handler. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2022-38221. The attack is possible to be carried out remotely. No exploit exists. It is advisable to upgrade the affected component.

Detailsinfo

A vulnerability, which was classified as critical, has been found in The Isle Evrima on Windows/Linux. This issue affects the function FTcpListener of the component RCON Port Handler. The manipulation with an unknown input leads to a buffer overflow vulnerability. Using CWE to declare the problem leads to CWE-120. The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow. Impacted is availability. The summary by CVE is:

A buffer overflow in the FTcpListener thread in The Isle Evrima (the dedicated server on Windows and Linux) 0.9.88.07 before 2022-08-12 allows a remote attacker to crash any server with an accessible RCON port, or possibly execute arbitrary code.

The weakness was disclosed 08/15/2022. The advisory is shared at takethebait.net. The identification of this vulnerability is CVE-2022-38221 since 08/15/2022. Technical details are known, but no exploit is available.

Upgrading to version 0.9.88.07 eliminates this vulnerability.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Productinfo

Name

• The Isle Evrima

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion