Eclipse · Eclipse Mosquitto · CVE-2024-10525
**Name of the Vulnerable Software and Affected Versions**
Eclipse Mosquitto versions 1.3.2 through 2.0.18
**Description**
The issue is a buffer overflow in dynamically allocated (heap) memory. If a malicious broker sends a crafted SUBACK packet with no reason codes, a client using libmosquitto may perform an out-of-bounds memory access while executing its on_subscribe callback. This affects the mosquitto_sub and mosquitto_rr clients. A remote attacker may exploit this to gain access to confidential information.
**Recommendations**
For Eclipse Mosquitto versions 1.3.2 through 2.0.18, update to a release that contains a fix for this issue to prevent the out-of-bounds memory access.
As a temporary workaround, consider restricting the use of the on_subscribe callback function in libmosquitto until a patched release is available.
Avoid using the mosquitto_sub and mosquitto_rr clients with untrusted brokers until the issue is resolved.
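The access described above is triggered when a client's on_subscribe callback reads the granted-QoS array although the SUBACK carried no reason codes. The following is an added example, not Mosquitto project code: an on_subscribe callback with the signature libmosquitto passes to mosquitto_subscribe_callback_set(), guarded by a helper named check_suback (introduced here) that refuses to index granted_qos when qos_count is zero. It assumes a forward-declared opaque struct mosquitto so that it compiles without linking the library.

```c
#include <stdio.h>

/* Opaque handle libmosquitto passes to callbacks; forward-declared so this
 * builds without mosquitto.h (assumption: the library is not linked here). */
struct mosquitto;

enum suback_status { SUBACK_OK = 0, SUBACK_EMPTY = 1, SUBACK_REFUSED = 2 };

/* check_suback (helper introduced for this example): validate the SUBACK
 * reason codes before any element of granted_qos is read. qos_count is the
 * number of codes the broker sent; when it is zero the array has no readable
 * element, so granted_qos[0] must not be touched. */
enum suback_status check_suback(int qos_count, const int *granted_qos, int *first_qos)
{
    if (qos_count <= 0 || granted_qos == NULL)
        return SUBACK_EMPTY;          /* crafted or malformed SUBACK: nothing to read */
    for (int i = 0; i < qos_count; i++) {
        if (granted_qos[i] >= 0x80)   /* MQTT reason codes 0x80 and above mean failure */
            return SUBACK_REFUSED;
    }
    if (first_qos != NULL)
        *first_qos = granted_qos[0];  /* safe: qos_count >= 1 is established */
    return SUBACK_OK;
}

/* on_subscribe callback with the signature libmosquitto hands to
 * mosquitto_subscribe_callback_set(); it indexes granted_qos only after
 * check_suback confirmed that qos_count covers every index used. */
void on_subscribe(struct mosquitto *mosq, void *obj, int mid,
                  int qos_count, const int *granted_qos)
{
    int qos = -1;
    (void)mosq; (void)obj;
    switch (check_suback(qos_count, granted_qos, &qos)) {
    case SUBACK_EMPTY:
        fprintf(stderr, "SUBACK mid=%d carried no reason codes; ignoring it\n", mid);
        return;
    case SUBACK_REFUSED:
        fprintf(stderr, "SUBACK mid=%d: broker refused the subscription\n", mid);
        return;
    case SUBACK_OK:
        printf("Subscribed (mid: %d): %d", mid, qos);
        for (int i = 1; i < qos_count; i++)
            printf(", %d", granted_qos[i]);
        printf("\n");
        return;
    }
}
```

Calling on_subscribe(NULL, NULL, 2, 0, NULL) simulates the crafted SUBACK from the advisory and logs a warning instead of reading past the array.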