MessagePack-CSharp, Multi-dimensional Array Memory Exhaustion, CVE-2026-48515 (Medium) -DC-Jun2026-651

MessagePack-CSharp is a MessagePack serializer for C#. Prior to versions 2.5.301 and 3.1.7, the library’s multi-dimensional array formatters (TwoDimensionalArrayFormatter<T>, ThreeDimensionalArrayFormatter<T>, and FourDimensionalArrayFormatter<T>) contain a critical vulnerability where dimension lengths are read directly from the payload and used to allocate the target array (T[,], T[,,], or T[,,,]) before any validation occurs against the encoded element count.
The formatter reads a guarded element array header from the MessagePack stream, but the allocation of the multi-dimensional array happens prior to checking whether the product of the declared dimensions matches the actual number of elements provided in the payload. This ordering flaw allows an attacker to craft a small payload that declares enormous dimensions (e.g., 1000×1000×1000 for a three-dimensional array) while providing an empty or tiny inner array.
Upon deserialization, the system attempts to allocate memory for the full theoretical array size before realizing that the actual data content does not match the declared dimensions. This results in massive heap allocations that can quickly exhaust available memory, leading to OutOfMemoryException, container termination on memory-constrained hosts, severe Large Object Heap (LOH) pressure, and significant CPU cost from zero-initializing oversized arrays. The `MessagePackSecurity.UntrustedData` setting does not provide a general allocation cap for this path, making it ineffective against this attack vector.
This vulnerability is particularly dangerous in web applications, API endpoints, or services that process untrusted external input, as an attacker can cause denial of service with minimal bandwidth. The issue is classified under CWE-770: Allocation of Resources Without Limits or Throttling and has been assigned a CVSS v3.1 base score of 7.5 (HIGH).

DailyCVE Form:

Platform: MessagePack-CSharp
Version: <2.5.301, <3.1.7
Vulnerability: Unchecked dimensions
Severity: Medium (CVSS 6.3)
Date: 2026-06-22

Prediction: Patch already released

What Undercode Say:

Analytics:

Check the currently installed MessagePack version in a .NET project:
dotnet list package --outdated | findstr MessagePack
Alternatively, inspect the .csproj file:
cat YourProject.csproj | grep -A 2 -B 2 "MessagePack"
Check for vulnerable version ranges:
Vulnerable: all versions prior to 2.5.301 and 3.1.7
Fixed: 2.5.301 and above, 3.1.7 and above
Monitor memory usage during deserialization:
dotnet-counters monitor --process-id <PID> --counters System.Runtime
Example of a malicious payload (conceptual): MessagePack headers declaring large dimensions followed by an empty element array
[0xdd, 0x00, 0x00, 0x03, 0xe8] -- array32 length 1000 for dimension 1
[0xdd, 0x00, 0x00, 0x03, 0xe8] -- array32 length 1000 for dimension 2
[0xdd, 0x00, 0x00, 0x03, 0xe8] -- array32 length 1000 for dimension 3
[0x90] -- fixarray 0 elements (empty inner array)

Exploit:

An attacker can exploit this vulnerability by sending a crafted MessagePack payload to an application that deserializes untrusted data into a model containing a multi-dimensional array. The payload declares large dimension lengths but provides a minimal or empty element array. The formatter allocates the array based on the declared dimensions before validating the element count, causing memory exhaustion.

Proof of Concept (Conceptual):

Payload structure for a 3D array (T[,,]):
- Dimension 1 length: 0x000003E8 (1000)
- Dimension 2 length: 0x000003E8 (1000)
- Dimension 3 length: 0x000003E8 (1000)
- Element array header: 0x90 (empty array, 0 elements)
Total memory allocated: 1000 × 1000 × 1000 × sizeof(T) before validation

The vulnerability can be triggered through any deserialization API that processes untrusted MessagePack data into multi-dimensional array types, including `MessagePackSerializer.Deserialize` and related methods.

Protection:

  1. Upgrade MessagePack-CSharp to version 2.5.301 or later, or 3.1.7 or later, which validate dimensions before allocation.
  2. Avoid deserializing untrusted payloads into schemas containing multi-dimensional arrays (T[,], T[,,], T[,,,]). Prefer bounded lists, dictionaries with application-level count limits, or jagged arrays (T[][]) with application-level limits.
  3. Implement pre-validation that rejects multi-dimensional array payloads with dimensions exceeding a defined safe limit before invoking the deserializer.
  4. Apply message-size limits to reduce the blast radius, though this does not fully address allocation amplification where a small payload can encode disproportionate array dimensions.
  5. Run deserialization in a sandboxed environment or container with configured memory limits to prevent excessive allocation from affecting the host system.
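The pre-validation from item 3, and the ordering flaw it guards against (dimensions multiplied and checked before anything is allocated), as an added example; this is not code from the advisory or from MessagePack-CSharp. It assumes the formatters' wire layout of an outer array holding the dimension lengths as integers followed by one flat element array, and MaxElements is a hypothetical application-level cap.

```csharp
using System;
using System.Buffers;
using MessagePack;
// Added example, not from the advisory or MessagePack-CSharp. Assumes the formatters'
// wire layout: an outer array of N integer dimension lengths, then one flat array of
// dim1*dim2*...*dimN elements. MaxElements is a hypothetical application-level cap.
public static class MultiDimPreValidator
{
    public const long MaxElements = 1_000_000;
    // Reads only the headers of a rank-N multi-dimensional array payload and reports
    // whether it is safe to hand to the deserializer. No target array is allocated
    // here, so a payload declaring 1000x1000x1000 costs the checker nothing.
    public static bool IsSafe(ReadOnlyMemory<byte> payload, int rank)
    {
        try
        {
            var reader = new MessagePackReader(payload);
            if (reader.TryReadNil()) return true;                    // null array
            if (reader.ReadArrayHeader() != rank + 1) return false;  // N lengths + element array
            long product = 1;
            for (int d = 0; d < rank; d++)
            {
                int len = reader.ReadInt32();
                if (len < 0) return false;
                product *= len;                          // bounded by MaxElements * int.MaxValue
                if (product > MaxElements) return false; // reject before anyone allocates
            }
            // Dimensions must account for exactly the elements present; the advisory's
            // large-dimensions-with-empty-inner-array pattern fails this comparison.
            return reader.ReadArrayHeader() == product;
        }
        catch (Exception e) when (e is MessagePackSerializationException or System.IO.EndOfStreamException)
        {
            return false; // malformed or truncated header
        }
    }
    // Constructed test input: a rank-3 payload with the given dimensions and element count.
    public static byte[] Build3D(int a, int b, int c, int elements)
    {
        var buffer = new ArrayBufferWriter<byte>();
        var writer = new MessagePackWriter(buffer);
        writer.WriteArrayHeader(4);
        writer.Write(a); writer.Write(b); writer.Write(c);
        writer.WriteArrayHeader(elements);
        for (int i = 0; i < elements; i++) writer.Write(0);
        writer.Flush();
        return buffer.WrittenSpan.ToArray();
    }
    public static void Main()
    {
        Console.WriteLine(IsSafe(Build3D(1000, 1000, 1000, 0), rank: 3)); // False: rejected
        Console.WriteLine(IsSafe(Build3D(2, 3, 4, 24), rank: 3));         // True: consistent
    }
}
```

The check covers a payload whose top-level value is the multi-dimensional array; for an array nested inside a larger model the same header walk has to be applied at that field's position, which is why upgrading to a fixed version remains the primary mitigation.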

Impact:

  • Denial of Service: Memory exhaustion can cause application crashes, container termination, or system instability.
  • Performance Degradation: Large heap allocations cause severe CPU cost from zero-initialization and LOH pressure.
  • Resource Exhaustion: Systems running on constrained environments or virtualized platforms face heightened risk as memory allocation can quickly consume available resources.
  • No Code Execution: The impact is limited to availability; no direct code execution is possible.
  • Affected Components: TwoDimensionalArrayFormatter<T>.Deserialize, ThreeDimensionalArrayFormatter<T>.Deserialize, FourDimensionalArrayFormatter<T>.Deserialize.


Sources:

Reported By: github.com
Extra Source Hub:
Undercode
