CVE-2017-7861

Name of the Vulnerable Software and Affected Versions Google gRPC before 2017-02-22

Description The issue is related to an out-of-bounds write in the gpr free function in core/lib/support/alloc.c. This can lead to memory corruption and potentially allow a remote attacker to execute arbitrary code on the target system using a specially crafted file.

Recommendations For Google gRPC versions before 2017-02-22, update to a version released after 2017-02-22 to resolve the issue. As a temporary workaround, consider restricting access to the gpr free function in core/lib/support/alloc.c to minimize the risk of exploitation.