FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

chocolate-doom -- Arbitrary code execution

Affected packages
chocolate-doom < 3.0.1
crispy-doom < 5.9.0


VuXML ID 35aef72c-5c8e-11eb-8309-4ccc6adda413
Discovery 2020-06-22
Entry 2021-01-22

Michal Dardas from LogicalTrust reports:

The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack.


CVE Name CVE-2020-14983