What the vulnerability does

01Description

Valve's Game Networking Sockets prior to version v1.2.0 improperly handles inlined statistics messages in function CConnectionTransportUDPBase::Received_Data(), leading to an exception thrown from libprotobuf and resulting in a crash.

Key dates

02Disclosure timeline

November 13, 2020 CVE published
August 4, 2024 Record updated

Related vulnerabilities

04Related CVE