USN-8300-1: ngtcp2 vulnerability
Source: Ubuntu
Published:
<p>ngtcp2 could be made to run programs as your login if it received specially crafted network traffic when qlog was enabled.</p> <p>Zou Dikai discovered that ngtcp2 serialized peer transport parameters into a fixed 1024-byte stack buffer without bounds checking. When qlog was enabled, a remote atta