CVE-2014-6251

cpuminer < 2.4.0 - Stack-based Buffer Overflow via Mining Protocol Messages

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in CPUMiner before 2.4.1 allows remote attackers to have an unspecified impact by sending a mining.subscribe response with a large nonce2 length, then triggering the overflow with a mining.notify request.

References (1)

Core 1
Core References
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Oct/29

Scores

EPSS 0.0102
EPSS Percentile 59.3%

Details

CWE
CWE-119
Status published
Products (1)
cpuminer_project/cpuminer < 2.4.0
Published Oct 25, 2014
Tracked Since Feb 18, 2026