Description
A vulnerability in bmcweb of OpenBMC Project allows user to cause denial of service. When fuzzing the multipart_parser code using AFL++ with address sanitizer enabled to find smallest memory corruptions possible. It detected problem in how multipart_parser handles unclosed http headers. If long enough http header is passed in the multipart form without colon there is one byte overwrite on heap. It can be conducted multiple times in a loop to cause DoS.
References (1)
Core 1
Core References
Product, Third Party Advisory
https://github.com/openbmc/bmcweb
Scores
CVSS v3
8.2
EPSS
0.0027
EPSS Percentile
50.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-229
CWE-122
CWE-787
Status
published
Products (1)
openbmc-project/openbmc
2.10.0 - 2.13.0
Published
Oct 27, 2022
Tracked Since
Feb 18, 2026