CVE-2025-59947
Buffer Overflow in NanoMQ Before 0.24.4 Affects PUBLISH Packets
Publication date: 2025-12-15
Last updated on: 2025-12-15
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nanomq | nanomq | 0.24.4 |
| nanomq | nanomq | 0.24.2 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-59947 is a heap-based buffer overflow (CWE-120) in NanoMQ versions before 0.24.4. It sits in the PUBLISH handling path in pub_handler.c and is reached when a single PUBLISH packet matches both a shared subscription and a vanilla (non-shared) subscription at the same time. In that case the broker writes 4 bytes past the end of a 24-byte heap allocation. The result is heap memory corruption, which at minimum can crash the broker and, depending on what is adjacent on the heap, may be leveraged for arbitrary code execution in the broker process while it handles message publication. [1, 2]
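To make the CWE-120 pattern described above concrete, the following is an added illustrative example, not NanoMQ's code and not the actual vulnerable function: a fan-out buffer sized for one list of subscribers is filled from two lists (vanilla and shared), so the copy runs past the allocation. The sizes are chosen to mirror the advisory's "4 bytes beyond a 24-byte buffer" (six 4-byte entries fit, seven are written). A canary word placed directly after the modelled 24-byte allocation shows the corruption deterministically, and the hardened variant shows the missing check: compute the total from both lists before copying and refuse when it exceeds the capacity. The entry layout, function names and the "count from one list, copy from two" mechanism are assumptions for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustrative model of the CVE-2025-59947 bug class (CWE-120). This is
 * NOT NanoMQ's code: entry layout, names and the mechanism are assumed. */

#define ENTRY_SIZE  sizeof(uint32_t)   /* hypothetical 4-byte fan-out entry */
#define ALLOC_BYTES 24                 /* modelled heap allocation: 6 entries */
#define CANARY      0xDEADBEEFu

/* The "allocation" plus one canary word right after it, kept inside one
 * array so the overflow lands in memory we own and can inspect. */
struct arena {
    uint8_t mem[ALLOC_BYTES + sizeof(uint32_t)];
};

static void arena_init(struct arena *a)
{
    uint32_t c = CANARY;
    memset(a->mem, 0, sizeof a->mem);
    memcpy(a->mem + ALLOC_BYTES, &c, sizeof c);
}

static int arena_canary_intact(const struct arena *a)
{
    uint32_t c;
    memcpy(&c, a->mem + ALLOC_BYTES, sizeof c);
    return c == CANARY;
}

/* Vulnerable: the buffer was sized for the vanilla subscribers only, yet the
 * shared-subscription entries are appended with no bound check. Returns the
 * number of bytes written. */
static size_t fanout_vulnerable(struct arena *a,
                                const uint32_t *vanilla, size_t n_vanilla,
                                const uint32_t *shared, size_t n_shared)
{
    uint8_t *out = a->mem;          /* models the 24-byte heap allocation */
    size_t off = 0;
    for (size_t i = 0; i < n_vanilla; i++, off += ENTRY_SIZE)
        memcpy(out + off, &vanilla[i], ENTRY_SIZE);
    for (size_t i = 0; i < n_shared; i++, off += ENTRY_SIZE)
        memcpy(out + off, &shared[i], ENTRY_SIZE);   /* writes past ALLOC_BYTES */
    return off;
}

/* Hardened: account for both sources before copying. max_entries bounds the
 * counts so the sum cannot wrap. Returns bytes written, or -1 when the
 * entries would not fit (a real fix would reallocate instead of refusing). */
static long fanout_hardened(struct arena *a, size_t cap,
                            const uint32_t *vanilla, size_t n_vanilla,
                            const uint32_t *shared, size_t n_shared)
{
    size_t max_entries = cap / ENTRY_SIZE;
    if (n_vanilla > max_entries || n_shared > max_entries - n_vanilla)
        return -1;
    uint8_t *out = a->mem;
    size_t off = 0;
    for (size_t i = 0; i < n_vanilla; i++, off += ENTRY_SIZE)
        memcpy(out + off, &vanilla[i], ENTRY_SIZE);
    for (size_t i = 0; i < n_shared; i++, off += ENTRY_SIZE)
        memcpy(out + off, &shared[i], ENTRY_SIZE);
    return (long)off;
}

/* Demo: six vanilla + one shared subscriber = 28 bytes into 24. */
static const uint32_t demo_vanilla[6] = {1, 2, 3, 4, 5, 6};
static const uint32_t demo_shared[1]  = {7};

/* 1 if the vulnerable copy clobbered the canary (the 4-byte OOB write). */
int demo_vulnerable_overflows(void)
{
    struct arena a;
    arena_init(&a);
    fanout_vulnerable(&a, demo_vanilla, 6, demo_shared, 1);
    return !arena_canary_intact(&a);
}

/* 1 if the hardened copy refused the oversized fan-out and left memory intact. */
int demo_hardened_rejects(void)
{
    struct arena a;
    arena_init(&a);
    long r = fanout_hardened(&a, ALLOC_BYTES, demo_vanilla, 6, demo_shared, 1);
    return r == -1 && arena_canary_intact(&a);
}

/* Bytes written when five vanilla + one shared entries exactly fill 24 bytes. */
long demo_hardened_fits(void)
{
    struct arena a;
    arena_init(&a);
    long r = fanout_hardened(&a, ALLOC_BYTES, demo_vanilla, 5, demo_shared, 1);
    return arena_canary_intact(&a) ? r : -2;
}

int main(void)
{
    printf("vulnerable copy corrupted canary: %d\n", demo_vulnerable_overflows());
    printf("hardened copy rejected overflow:  %d\n", demo_hardened_rejects());
    printf("hardened copy, fitting input:     %ld bytes\n", demo_hardened_fits());
    return 0;
}
```

The point of the canary is only to make the corruption visible without a sanitizer; in a real broker the four clobbered bytes belong to whatever heap chunk follows, which is why the advisory rates integrity and availability as the main impact.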
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability impact me?
Exploitation corrupts heap memory in the NanoMQ broker process. The realistic outcomes are a broker crash (denial of service for every client connected to it), unauthorized modification of broker memory and the data it is relaying, and potentially arbitrary code execution in the broker. The rated impact on confidentiality is low, while integrity and availability are rated high. The attack vector is network-based with low attack complexity, requires no user interaction, and needs only low privileges, which in this context means an MQTT client able to connect and publish to the broker. Any deployment running a version before 0.24.4 that accepts PUBLISH packets from untrusted or lightly authenticated clients should treat this as a significant risk. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection is primarily a version inventory problem: identify every NanoMQ instance (binaries, packages, container images) and flag those running a version before 0.24.4. The vulnerability is not visible from the protocol side, since a vulnerable broker behaves normally until a PUBLISH happens to match both a shared and a vanilla subscription, so monitoring should look for the consequences: unexpected broker crashes or restarts, and crash logs or core dumps pointing into the PUBLISH handling path in pub_handler.c. In test environments, building NanoMQ with AddressSanitizer and replaying traffic that exercises shared subscriptions alongside ordinary subscriptions will report the out-of-bounds write directly as a heap-buffer-overflow. The resources do not provide specific commands. [1, 2]
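For the version-inventory part of detection, the following is an added example (not NanoMQ's code or tooling): a small comparator that decides whether a reported NanoMQ version string precedes the fixed release 0.24.4 named on this page. It assumes the version string has already been obtained from your deployment (package metadata, container image tag, or build information) and may carry a leading "v" or a trailing suffix. Numeric comparison matters here because a plain string comparison would rank "0.9" above "0.24.4".

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>

/* Added example, not NanoMQ code: compare a version string against the
 * fixed release 0.24.4 from this advisory. Input format is assumed to be
 * dotted numerics, optionally prefixed with 'v' and followed by a suffix
 * such as "-rc1", which is ignored. */

#define FIXED_MAJOR 0
#define FIXED_MINOR 24
#define FIXED_PATCH 4

/* Parse up to three dotted numeric components into out[]; missing trailing
 * components are treated as 0. Returns 0 on success, -1 if the string does
 * not start with a number. */
static int parse_version(const char *s, long out[3])
{
    out[0] = out[1] = out[2] = 0;
    if (*s == 'v' || *s == 'V')
        s++;
    if (!isdigit((unsigned char)*s))
        return -1;
    for (int i = 0; i < 3; i++) {
        char *end;
        out[i] = strtol(s, &end, 10);
        if (end == s)
            return -1;          /* expected a number after the dot */
        s = end;
        if (*s != '.')
            break;              /* end of string or a suffix: stop here */
        s++;
    }
    return 0;
}

/* Returns 1 if version < 0.24.4 (affected), 0 if 0.24.4 or later,
 * -1 if the string could not be parsed (e.g. the tag "latest"). */
int nanomq_version_vulnerable(const char *version)
{
    long v[3];
    const long fixed[3] = {FIXED_MAJOR, FIXED_MINOR, FIXED_PATCH};
    if (parse_version(version, v) != 0)
        return -1;
    for (int i = 0; i < 3; i++) {
        if (v[i] < fixed[i])
            return 1;
        if (v[i] > fixed[i])
            return 0;
    }
    return 0;   /* exactly the fixed release */
}

int main(int argc, char **argv)
{
    /* Constructed sample inputs; pass real version strings as arguments. */
    const char *samples[] = {"0.24.2", "v0.23.9", "0.9", "0.24.4", "0.25.0", "latest"};
    size_t n = sizeof samples / sizeof samples[0];
    const char **list = argc > 1 ? (const char **)argv + 1 : samples;
    if (argc > 1)
        n = (size_t)argc - 1;
    for (size_t i = 0; i < n; i++) {
        int r = nanomq_version_vulnerable(list[i]);
        printf("%-10s -> %s\n", list[i],
               r == 1 ? "AFFECTED (before 0.24.4)" :
               r == 0 ? "fixed" : "unparseable version string");
    }
    return 0;
}
```

Feed it the version strings your inventory already collects; an unparseable result (such as a floating image tag) should be resolved to a concrete version rather than assumed safe.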
What immediate steps should I take to mitigate this vulnerability?
Upgrade NanoMQ to 0.24.4 or later, where the overflow is fixed. If an upgrade cannot be applied immediately, the temporary workaround is to disable shared subscriptions on the broker: the overflow is only triggered when a PUBLISH matches both a shared and a vanilla subscription, so removing shared subscriptions (the `$share/<group>/<topic>` mechanism) removes the trigger condition. Note that this changes delivery semantics for consumers that rely on shared-subscription load balancing, so it is a stopgap, not a substitute for the patch. Restricting which clients may connect and publish also reduces exposure, since the attack requires a client able to send PUBLISH packets. [2]