Similar or not relevant – QEMU: net: eepro100: stack overflow via infinite recursion (27-06-2021)

Preface: A similar vulnerability with another CVE record was announced in Feb 2021. Perhaps Citrix was waiting for other vendors' response and confirmation. It is therefore speculated that this is one of the possible factors behind the announcement by Citrix on Friday (25th June, 2021).

Background: How is memory allocated when recursive functions are called? Calling a function recursively is done just like any other function. So the memory will be allocated the same way as if you are calling any regular function.

Vulnerability Details: Two security issues (CVE-2021-3416 & CVE-2021-20257) have been identified in Citrix Hypervisor 8.2 LTSR, each of which may allow privileged code in a guest VM to cause the host to crash or become unresponsive. These issues only affect Citrix Hypervisor 8.2 LTSR.

Ref: A recursive function calls itself, so the memory for a called function is allocated on top of the memory allocated for the calling function. Remember, a different copy of local variables is created for each function call.
Each recursive call pushes a new stack frame in that manner, then pops it when it returns. If the recursion fails to reach a base case, the stack will rapidly be exhausted, leading to the eponymous Stack Overflow crash.
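The frame growth described above, as an added example that is not QEMU or Citrix code: a constructed toy device whose transmit path re-enters itself through a receive path, run once without and once with a re-entrancy guard. The names `toy_nic`, `toy_transmit`, `toy_receive` and `DEMO_CAP` are hypothetical, the loopback behaviour is an assumption of the model, and the cap stands in for real stack exhaustion so the program exits cleanly.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define DEMO_CAP 64   /* demo-only limit: stop before the real stack runs out */
struct toy_nic {                 /* constructed model, not QEMU's device state */
    bool guard;                  /* enable the re-entrancy check */
    bool busy;                   /* set while a transmit is in progress */
    unsigned depth, max_depth;   /* current and deepest nesting seen */
    uintptr_t first, deepest;    /* address of `frame` in first and deepest call */
};

static void toy_transmit(struct toy_nic *nic);
static void toy_receive(struct toy_nic *nic) { toy_transmit(nic); } /* loopback */

static void toy_transmit(struct toy_nic *nic)
{
    volatile char frame[128] = {0};        /* every call gets its own copy */
    if (nic->guard && nic->busy) return;   /* mitigation: refuse re-entry */
    if (nic->depth >= DEMO_CAP) return;    /* stand-in for stack exhaustion */
    bool was_busy = nic->busy;
    nic->busy = true;
    nic->deepest = (uintptr_t)frame;
    if (nic->depth++ == 0) nic->first = nic->deepest;
    if (nic->depth > nic->max_depth) nic->max_depth = nic->depth;
    toy_receive(nic);                      /* no base case: device state drives it */
    nic->depth--;
    nic->busy = was_busy;
}

unsigned run_toy(bool guard, struct toy_nic *nic)  /* returns deepest nesting */
{
    *nic = (struct toy_nic){ .guard = guard };
    toy_transmit(nic);
    return nic->max_depth;
}

uintptr_t stack_span(const struct toy_nic *n)  /* bytes from first to deepest frame */
{
    return n->first > n->deepest ? n->first - n->deepest : n->deepest - n->first;
}

int main(void)
{
    struct toy_nic a, b;
    unsigned da = run_toy(false, &a), db = run_toy(true, &b);
    printf("unguarded: depth %u, %lu bytes\n", da, (unsigned long)stack_span(&a));
    printf("guarded:   depth %u, %lu bytes\n", db, (unsigned long)stack_span(&b));
    return 0;
}
```

Without the guard the nesting runs until the cap, and each level costs at least the 128 bytes of its own `frame` copy; with the guard the nested call returns immediately and no further frames are pushed.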

Official announcement – https://support.citrix.com/article/CTX316325
