CVE-2024-3120: 
NixOS vulnerability analysis and mitigation

A stack-buffer overflow vulnerability (CVE-2024-3120) exists in all versions of sngrep since v1.4.1 up to v1.8.1. The vulnerability was discovered and disclosed in April 2024. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sip_validate_packet and sip_parse_extra_headers functions within src/sip.c (NVD).

The vulnerability stems from insufficient bounds checking in two specific functions within the src/sip.c file: sip_validate_packet and sip_parse_extra_headers. These functions handle the 'Content-Length' and 'Warning' headers in SIP messages. The issue has received a CVSS v3.1 base score of 9.8 (CRITICAL) from NIST and 9.0 (CRITICAL) from Pentraze, indicating its severe nature. The vulnerability is classified as CWE-787 (Out-of-bounds Write) by NIST and CWE-120 (Buffer Copy without Checking Size of Input) by Pentraze (NVD).

This vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via crafted SIP messages. The high CVSS scores indicate that successful exploitation could lead to complete system compromise (NVD).

The vulnerability has been fixed in sngrep version 1.8.1. The patch introduces proper bounds checking for the content-length and warning headers. Users are advised to upgrade to this version immediately. The fix includes modifications to ensure that copy lengths do not exceed MAX_CONTENT_LENGTH_SIZE and MAX_WARNING_SIZE (GitHub Release, GitHub Patch).