CVE-2024-10525: 
NixOS vulnerability analysis and mitigation

Eclipse Mosquitto versions 1.3.2 through 2.0.18 contain a vulnerability where if a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may experience out-of-bounds memory access when executing its onsubscribe callback. This vulnerability specifically affects the mosquittosub and mosquitto_rr clients (NVD).

The vulnerability is classified as a heap-based buffer overflow (CWE-122) and out-of-bounds write (CWE-787). The issue occurs within the mysubscribecallback function in the sub_client.c file when processing specially crafted packets. The CVSS v3.1 base score is 9.8 CRITICAL with vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, indicating a critical severity level with network attack vector, low attack complexity, and no required privileges or user interaction (NVD).

The vulnerability can lead to out-of-bounds memory access, potentially resulting in code execution or denial of service when exploited. The high CVSS score indicates potential impacts on confidentiality, integrity, and availability of the affected system (NVD).

The vulnerability has been fixed in Eclipse Mosquitto version 2.0.19. Users are advised to upgrade to this version, which includes the security fix that prevents SUBACK packets with missing reason codes in the client library (Release Notes).