CVE-2026-29609
OpenClaw affected by denial of service via unbounded URL-backed media fetch
Severity: HIGH 7.5 | EPSS: 0.18%
Description
### Summary

URL-backed media fetch handling read the entire response payload into memory (`response.arrayBuffer()`) before enforcing `maxBytes`, so an oversized response could exhaust the process's memory.

### Affected Versions

- `openclaw` (npm): < `2026.2.14`
- `clawdbot` (npm): <= `2026.1.24-3`

### Patched Versions

- `openclaw` (npm): `2026.2.14`

### Fix Commit

- `openclaw/openclaw` `main`: `00a08908892d1743d1fc52e5cbd9499dd5da2fe0`

### Details

Affected component:

- `src/media/input-files.ts` (`fetchWithGuard`)

A size check based on the `content-length` header is only as good as the header: a server can omit it (chunked transfer encoding) or send a false value. When the header is missing or incorrect, reading the body via `response.arrayBuffer()` buffers the full payload before any size check can run, so `maxBytes` is enforced only after the allocation it was meant to prevent.

### Proof of Concept

1. Configure URL-based media input.
2. Serve a response larger than `maxBytes` (chunked transfer / no `content-length`).
3. Trigger the `fetchWithGuard` URL fetch path.

Example local server (a 64 MiB chunked response, 1024 writes of 64 KiB, sent without a `content-length` header):

```bash
node -e 'require("http").createServer((_,res)=>{res.writeHead(200,{"content-type":"application/octet-stream"});for(let i=0;i<1024;i++)res.write(Buffer.alloc(1024*64));res.end();}).listen(18888)'
```

### Impact

Availability loss via memory pressure from attacker-controlled remote media responses (network-reachable, no privileges or user interaction required, availability impact only).

### Mitigation

Until a patched release is available, disable URL-backed media inputs (or restrict them to a tight hostname allowlist) and use conservative `maxBytes` limits.

### Credits

Reported by @vincentkoc.
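The vulnerable and hardened read paths side by side, as an added example rather than OpenClaw's own `fetchWithGuard` code. It assumes nothing about the project beyond the behaviour the advisory describes: `readUnbounded`, `readWithLimit`, `makeChunkedResponse` and `PayloadTooLargeError` are names chosen for this example, and the chunked body is constructed in-process so nothing is fetched over the network. It is written against Node 18+ globals (`Response`, `ReadableStream`) so it runs without the project's TypeScript toolchain; the logic transfers directly to a TypeScript fetch guard.

```javascript
// Added example (not OpenClaw's code): the buffer-then-check pattern the
// advisory describes, next to a streaming reader that enforces maxBytes as
// bytes arrive. Names here are this example's own, not the project's.

class PayloadTooLargeError extends Error {
  constructor(received, maxBytes) {
    super(`body exceeds maxBytes=${maxBytes} (saw ${received} bytes)`);
    this.name = "PayloadTooLargeError";
    this.received = received;
  }
}

// Constructed stand-in for an attacker's server: a body streamed in
// zero-filled chunks with caller-chosen headers (by default no
// content-length, as with chunked transfer encoding). pulled() reports how
// many chunks the reader actually consumed from the stream.
function makeChunkedResponse(chunkSize, chunkCount, headers = {}) {
  let sent = 0;
  const body = new ReadableStream({
    pull(controller) {
      if (sent === chunkCount) {
        controller.close();
        return;
      }
      controller.enqueue(new Uint8Array(chunkSize));
      sent += 1;
    },
  });
  const response = new Response(body, {
    status: 200,
    headers: { "content-type": "application/octet-stream", ...headers },
  });
  return { response, pulled: () => sent };
}

// VULNERABLE (the pattern in the advisory): the whole payload is allocated
// before the size check runs, so maxBytes cannot stop the allocation.
async function readUnbounded(response, maxBytes) {
  const buf = await response.arrayBuffer();
  if (buf.byteLength > maxBytes) {
    throw new PayloadTooLargeError(buf.byteLength, maxBytes);
  }
  return buf;
}

// HARDENED: reject early on an honest oversized content-length, then count
// bytes as they stream in and cancel the body the moment the running total
// passes maxBytes. The header check is only a shortcut; the streaming count
// is what holds when content-length is absent or false.
async function readWithLimit(response, maxBytes) {
  const declared = response.headers.get("content-length");
  if (declared !== null && Number(declared) > maxBytes) {
    if (response.body) await response.body.cancel();
    throw new PayloadTooLargeError(Number(declared), maxBytes);
  }
  if (!response.body) return new ArrayBuffer(0);
  const reader = response.body.getReader();
  const chunks = [];
  let received = 0;
  for (;;) {
    const { done, value } = await reader.read();
    if (done) break;
    received += value.byteLength;
    if (received > maxBytes) {
      await reader.cancel(); // stop pulling; nothing past this point is read
      throw new PayloadTooLargeError(received, maxBytes);
    }
    chunks.push(value);
  }
  const out = new Uint8Array(received);
  let offset = 0;
  for (const chunk of chunks) {
    out.set(chunk, offset);
    offset += chunk.byteLength;
  }
  return out.buffer;
}

// Runs both readers against an oversized constructed body and reports how
// many bytes each one had seen when it rejected and how much of the stream
// it consumed.
async function demo(chunkSize = 1024, chunkCount = 100, maxBytes = 4096) {
  const summarize = async (readerFn, src) => {
    const err = await readerFn(src.response, maxBytes).then(() => null, (e) => e);
    return {
      rejected: err instanceof PayloadTooLargeError,
      bytesSeen: err ? err.received : 0,
      chunksPulled: src.pulled(),
    };
  };
  const unbounded = await summarize(readUnbounded, makeChunkedResponse(chunkSize, chunkCount));
  const limited = await summarize(readWithLimit, makeChunkedResponse(chunkSize, chunkCount));
  return { unbounded, limited };
}

demo().then((r) => console.log(JSON.stringify(r)));
```

With the defaults (100 chunks of 1 KiB against a 4 KiB limit) both readers reject, but `readUnbounded` only does so after consuming all 100 chunks and holding 100 KiB, while `readWithLimit` stops at the fifth chunk and cancels the rest of the stream. Passing a false `content-length` such as `"10"` changes nothing for the hardened reader, which is the property a guard needs when the server is the attacker.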
Affected packages (1)
- npm/openclaw: from 0, < 2026.2.14
CVSS score
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH 7.5 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |