gRPC contains a vulnerability in which HPACK table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DoS attacks:
The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.
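To make the quadratic cost concrete, the following added example counts the bytes copied when one element that never completes is fed in small blocks and the unparsed tail is re-copied on every block. It is a simplified model written for this page, not gRPC's parser code; `parser_t`, `feed_block`, `bytes_copied` and the `max_pending` limit are hypothetical names, and the limit is one possible mitigation shape rather than the project's actual fix.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Simplified model (assumption, not gRPC code): the parser cannot finish an
 * element until all its bytes arrive, so it carries the unparsed tail along. */
typedef struct {
    uint8_t *pending; /* unparsed bytes carried between blocks */
    size_t len;       /* bytes currently pending */
    size_t copied;    /* total bytes moved by memcpy (work counter) */
} parser_t;

/* Copy-per-input-block: fresh buffer = old tail + new block.
 * max_pending == 0 models the unbounded case; otherwise the block is
 * rejected instead of buffered once the limit would be exceeded. */
static int feed_block(parser_t *p, const uint8_t *blk, size_t n, size_t max_pending) {
    if (max_pending != 0 && (n > max_pending || p->len > max_pending - n)) return -1;
    uint8_t *next = malloc(p->len + n);
    if (next == NULL) return -1;
    if (p->len) memcpy(next, p->pending, p->len);
    memcpy(next + p->len, blk, n);
    p->copied += p->len + n;
    free(p->pending);
    p->pending = next;
    p->len += n;
    return 0;
}

/* Feed `total` bytes of one never-completed element in `block`-sized pieces.
 * Returns bytes copied; *rejected is set when the limit stopped the input. */
size_t bytes_copied(size_t total, size_t block, size_t max_pending, int *rejected) {
    parser_t p = {0};
    uint8_t *blk = calloc(1, block); /* constructed input: zero bytes */
    *rejected = 0;
    for (size_t sent = 0; blk != NULL && sent < total; sent += block)
        if (feed_block(&p, blk, block, max_pending) != 0) { *rejected = 1; break; }
    size_t work = p.copied;
    free(p.pending);
    free(blk);
    return work;
}
int main(void) {
    int r;
    printf("4096 B unbounded: %zu copied\n", bytes_copied(4096, 16, 0, &r));
    printf("8192 B unbounded: %zu copied\n", bytes_copied(8192, 16, 0, &r));
    printf("8192 B, 1024 B limit: %zu copied\n", bytes_copied(8192, 16, 1024, &r));
    printf("rejected=%d\n", r);
    return 0;
}
```

Doubling the input roughly quadruples the copy work in the unbounded case, while the limit turns both the buffered memory and the copy work into a fixed ceiling.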
The unbounded memory buffering bugs:
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
Alpine | 3.18-community | noarch | grpc | = 1.54.2-r0 | UNKNOWN |