CVE-2019-18609

Name of the Vulnerable Software and Affected Versions RabbitMQ versions 0.9.0

Description The issue is related to the amqp handle input function in the amqp connection.c component of the RabbitMQ message broker, which lacks frame size checking. This allows a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. Specifically, there is an integer overflow that leads to heap memory corruption in the handling of CONNECTION STATE HEADER, allowing a rogue server to return a malicious frame header that causes a smaller target size value than needed, resulting in a memcpy function copying too much data into a heap buffer.

Recommendations For RabbitMQ version 0.9.0, consider disabling the amqp handle input function as a temporary workaround until a patch is available. Restrict access to the amqp connection.c component to minimize the risk of exploitation. Avoid using the CONNECTION STATE HEADER in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.