CVE-2010-2534 (vulnerable 1.0.1 - fixed 1.0.3)
Short description: Denial of service (server) via infinite loop
Official CVE-2010-2534 entry at cve.mitre.org.
Related bug reports:
Related commits:
Patches: (sometimes more fuzz is needed to apply them)
When multiple commands are queued (at the server) for execution in the next
game tick and an client joins the server can get into an infinite loop.
With the default settings triggering this bug is difficult (if not
impossible), however the larger value of the "frame_freq" setting is easier
it is to trigger the bug.
To trigger this bug in a server there must be enough activity on the server,
that is commands being sent to the server for execution. Furthermore the
joining client that triggers the bug must know the server password if there
is a server password and there must be place for the new client.