CVE-2026-33250

Name: CVE-2026-33250
Description: Freeciv21 is a free open source, turn-based, empire-building strategy game. Versions prior to 3.1.1 crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this to take down any public server. A malicious server can use this to crash the game on the player's machine. Authentication is not needed and, by default, logs do not contain any useful information. All users should upgrade to Freeciv21 version 3.1.1. Running the server behind a firewall can help mitigate the issue for non-public servers. For local games, Freeciv21 restricts connections to the current user and is therefore not affected.
Source: CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References: DSA-6173-1
Debian Bugs: 1131524

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package    Release               Version               Status
freeciv (PTS)     bullseye              2.6.3-1               vulnerable
                  bookworm              3.0.6-1               vulnerable
                  bookworm (security)   3.0.6-1+deb12u1       fixed
                  trixie                3.1.4+ds-2            vulnerable
                  trixie (security)     3.1.4+ds-2+deb13u1    fixed
                  forky, sid            3.2.4+ds-1            fixed

The information below is based on the following data on fixed versions.

Package   Type     Release      Fixed Version         Urgency       Origin       Debian Bugs
freeciv   source   bullseye     (unfixed)             end-of-life
freeciv   source   bookworm     3.0.6-1+deb12u1                     DSA-6173-1
freeciv   source   trixie       3.1.4+ds-2+deb13u1                  DSA-6173-1
freeciv   source   (unstable)   3.2.4+ds-1                                       1131524

Notes

[bullseye] - freeciv <end-of-life> (Games are not supported in LTS)
https://redmine.freeciv.org/issues/1955
