Tag Archives: CVE-2020-36049

CWE-1325 – Improperly Controlled Sequential Memory Allocation

Read Time:1 Minute, 20 Second

Description

The product manages a group of objects or resources and performs a separate memory allocation for each object, but it does not properly limit the total amount of memory that is consumed by all of the combined objects.

Modes of Introduction:

– Implementation

 

 

Related Weaknesses

CWE-770
CWE-789
CWE-476

 

Consequences

Availability: DoS: Resource Consumption (Memory)

Not controlling memory allocation can result in a request for too much system memory, possibly leading to a crash of the application due to out-of-memory conditions, or the consumption of a large amount of memory on the system.

 

Potential Mitigations

Phase: Implementation

Description: 

Ensure multiple allocations of the same kind of object are properly tracked – possibly across multiple sessions, requests, or messages. Define an appropriate strategy for handling requests that exceed the limit, and consider supporting a configuration option so that the administrator can extend the amount of memory to be used if necessary.

Phase: Operation

Description: 

Run the program using system-provided resource limits for memory. This might still cause the program to crash or exit, but the impact to the rest of the system will be minimized.

CVE References

  • CVE-2020-36049
    • JavaScript-based packet decoder uses concatenation of many small strings, causing out-of-memory (OOM) condition
  • CVE-2019-20176
    • Product allocates a new buffer on the stack for each file in a directory, allowing stack exhaustion
  • CVE-2013-1591
    • Chain: an integer overflow (CWE-190) in the image size calculation causes an infinite loop (CWE-835) which sequentially allocates buffers without limits (CWE-1325) until the stack is full.