CVE-2024-48077

NanoMQ v0.22.7 is vulnerable to Denial of Service (DoS) due to improper resource throttling. A crafted sequence of requests causes the recv-q queue to saturate, leading to the rapid exhaustion of system file descriptors (FDs). This exhaustion triggers a process crash, rendering the broker unable to provide services.

NanoMQ v0.22.7 is vulnerable to Denial of Service (DoS) due to improper resource throttling. A crafted sequence of requests causes the recv-q queue to saturate, leading to the rapid exhaustion of system file descriptors (FDs). This exhaustion triggers a process crash, rendering the broker unable to provide services.

Un problema en nanomq v0.22.7 permite a los atacantes causar una denegación de servicio (DoS) a través de una solicitud manipulada. El número de paquetes de datos recibidos en la cola recv-q del proceso Nanomq continúa aumentando, lo que provoca que el broker nanomq caiga en un interbloqueo y no pueda proporcionar servicios normales.