Name of the Vulnerable Software and Affected Versions Tarantool version 1.7.2.0-g8e92715

Description The issue is related to an out-of-bounds array access in the xrow header decode function. A specially crafted packet can cause the function to access an element outside the bounds of a global array, leading to an out of bounds read within the context of the server. This can result in a denial of service.

Recommendations For Tarantool version 1.7.2.0-g8e92715, as a temporary workaround, consider restricting access to the xrow header decode function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.