CVE-2026-33250
Received Received - Intake
Stack Overflow in Freeciv21 Allows Remote Server and Client Crashes

Publication date: 2026-03-24

Last updated on: 2026-03-24

Assigner: GitHub, Inc.

Description
Freeciv21 is a free open source, turn-based, empire-building strategy game. Versions prior to 3.1.1 crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this to take down any public server. A malicious server can use this to crash the game on the player's machine. Authentication is not needed and, by default, logs do not contain any useful information. All users should upgrade to Freeciv21 version 3.1.1. Running the server behind a firewall can help mitigate the issue for non-public servers. For local games, Freeciv21 restricts connections to the current user and is therefore not affected.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-24
Last Modified
2026-03-24
Generated
2026-06-16
AI Q&A
2026-03-24
EPSS Evaluated
2026-06-15
NVD
CVE-2026-33250
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
longturn freeciv21 to 3.1.1 (exc)
longturn freeciv21 to 3.2.4 (exc)
freeciv freeciv to 3.1.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "CVE-2026-33250 is a security vulnerability in Freeciv21 versions prior to 3.1.1. It occurs because the game improperly handles specially-crafted network packets, leading to a stack overflow that causes the software to crash. This happens due to recursive processing of compressed 'jumbo' packets, which can exhaust the stack and crash the server or client. The vulnerability does not require authentication or user interaction to exploit."}, {'type': 'paragraph', 'content': "A remote attacker can send malicious packets to crash any public Freeciv21 server, causing a denial of service. Similarly, a malicious server can crash the game client on a player's machine. The root cause is improper input validation leading to a stack-based buffer overflow."}, {'type': 'paragraph', 'content': 'The issue was fixed in Freeciv21 version 3.1.1 by removing recursive decompression of packets and adding strict checks to prevent recursive jumbo packets and malformed packet sizes.'}] [2, 4]

Impact Analysis

This vulnerability can impact you by allowing remote attackers to crash Freeciv21 servers or clients without any authentication or user interaction. For public servers, this means an attacker can cause a denial of service, making the server unavailable to legitimate users.

If you are running a Freeciv21 client, connecting to a malicious server could cause your game to crash unexpectedly.

Logs by default do not provide useful information to detect exploitation attempts, making it harder to identify attacks.

Mitigations include upgrading to version 3.1.1 or later, running servers behind firewalls to protect non-public servers, and noting that local games restricting connections to the current user are not affected.

Compliance Impact

I don't know

Detection Guidance

This vulnerability in Freeciv21 is caused by specially-crafted network packets that trigger a stack overflow and crash the server or client. Detection is difficult because, by default, logs do not contain useful information about exploitation attempts.

Since the attack involves sending recursive or oversized compressed jumbo packets to the Freeciv21 server, network monitoring tools could be used to detect unusual or malformed packet patterns targeting the Freeciv21 server port.

Suggested commands to help detect suspicious network activity might include using packet capture tools such as tcpdump or Wireshark to monitor traffic on the Freeciv21 server port (default port depends on configuration). For example:

  • tcpdump -i <interface> port <freeciv_port> -w freeciv_traffic.pcap
  • wireshark freeciv_traffic.pcap (to analyze captured packets for unusual jumbo or compressed packets)

Additionally, monitoring for unexpected crashes or restarts of the Freeciv21 server or client processes can be an indicator of exploitation attempts.

Mitigation Strategies

The primary and most effective mitigation is to upgrade Freeciv21 to version 3.1.1 or later, as this version contains patches that fix the vulnerability by removing recursive decompression of jumbo packets.

For servers that cannot immediately upgrade, running the Freeciv21 server behind a firewall to restrict access to trusted users or networks can help reduce exposure, especially for non-public servers.

Local games are not affected because Freeciv21 restricts connections to the current user, so using local games can avoid the risk.

Monitoring and promptly restarting any crashed Freeciv21 servers can help maintain availability until the upgrade is applied.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-33250. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart