CVE-2026-33250
Stack Overflow in Freeciv21 Allows Remote Server and Client Crashes
Publication date: 2026-03-24
Last updated on: 2026-03-24
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| longturn | freeciv21 | to 3.1.1 (exc) |
| longturn | freeciv21 | to 3.2.4 (exc) |
| freeciv | freeciv | to 3.1.1 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-121 | A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). |
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "CVE-2026-33250 is a security vulnerability in Freeciv21 versions prior to 3.1.1. It occurs because the game improperly handles specially-crafted network packets, leading to a stack overflow that causes the software to crash. This happens due to recursive processing of compressed 'jumbo' packets, which can exhaust the stack and crash the server or client. The vulnerability does not require authentication or user interaction to exploit."}, {'type': 'paragraph', 'content': "A remote attacker can send malicious packets to crash any public Freeciv21 server, causing a denial of service. Similarly, a malicious server can crash the game client on a player's machine. The root cause is improper input validation leading to a stack-based buffer overflow."}, {'type': 'paragraph', 'content': 'The issue was fixed in Freeciv21 version 3.1.1 by removing recursive decompression of packets and adding strict checks to prevent recursive jumbo packets and malformed packet sizes.'}] [2, 4]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing remote attackers to crash Freeciv21 servers or clients without any authentication or user interaction. For public servers, this means an attacker can cause a denial of service, making the server unavailable to legitimate users.
If you are running a Freeciv21 client, connecting to a malicious server could cause your game to crash unexpectedly.
Logs by default do not provide useful information to detect exploitation attempts, making it harder to identify attacks.
Mitigations include upgrading to version 3.1.1 or later, running servers behind firewalls to protect non-public servers, and noting that local games restricting connections to the current user are not affected.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability in Freeciv21 is caused by specially-crafted network packets that trigger a stack overflow and crash the server or client. Detection is difficult because, by default, logs do not contain useful information about exploitation attempts.
Since the attack involves sending recursive or oversized compressed jumbo packets to the Freeciv21 server, network monitoring tools could be used to detect unusual or malformed packet patterns targeting the Freeciv21 server port.
Suggested commands to help detect suspicious network activity might include using packet capture tools such as tcpdump or Wireshark to monitor traffic on the Freeciv21 server port (default port depends on configuration). For example:
- tcpdump -i <interface> port <freeciv_port> -w freeciv_traffic.pcap
- wireshark freeciv_traffic.pcap (to analyze captured packets for unusual jumbo or compressed packets)
Additionally, monitoring for unexpected crashes or restarts of the Freeciv21 server or client processes can be an indicator of exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
The primary and most effective mitigation is to upgrade Freeciv21 to version 3.1.1 or later, as this version contains patches that fix the vulnerability by removing recursive decompression of jumbo packets.
For servers that cannot immediately upgrade, running the Freeciv21 server behind a firewall to restrict access to trusted users or networks can help reduce exposure, especially for non-public servers.
Local games are not affected because Freeciv21 restricts connections to the current user, so using local games can avoid the risk.
Monitoring and promptly restarting any crashed Freeciv21 servers can help maintain availability until the upgrade is applied.