CVE-2024-33781

Name of the Vulnerable Software and Affected Versions MP-SPDZ version 0.3.8

Description A stack overflow was discovered in the function octetStream::get bytes in /Tools/octetStream.cpp, allowing attackers to cause a Denial of Service (DoS) via a crafted message.

Recommendations For MP-SPDZ version 0.3.8, consider disabling the octetStream::get bytes function as a temporary workaround until a patch is available. Restrict access to the /Tools/octetStream.cpp module to minimize the risk of exploitation. Avoid using crafted messages that could trigger the stack overflow until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.