Mend.io Vulnerability Database
WS-2022-0100
Published: May 15, 2026
Updated: May 15, 2026

Impact

A malicious client may send a "MovePlayerPacket" to the server whose position or rotation contains NaN or INF. Since neither the server nor vanilla client handles this properly, a number of interesting side effects come into play.

- The server may crash in various ways if this exploit is used, because some mathematical operations on NaN/INF generate PHP warnings, which are converted into exceptions.
- Clients may not be able to see other clients who have a NaN/INF rotation.
- Clients may also crash in such cases.

Patches

A patch for this was included in the 3.18.1 release: https://github.com/pmmp/PocketMine-MP/commit/fb20bb38327b4c08ee3976640cd0dd547388a638

Workarounds

Workarounds could be implemented as plugins using "DataPacketReceiveEvent" to block any inbound movement packets containing bogus values.

For more information

If you have any questions or comments about this advisory:

- Open an issue in "pmmp/PocketMine-MP" (https://github.com/pmmp/PocketMine-MP)
- Email us at "team@pmmp.io" (mailto:team@pmmp.io)
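
One way to implement the workaround described above, as an added example that is not code from the advisory or from the PocketMine-MP project. It assumes the PocketMine-MP 3.x plugin API (a "MovePlayerPacket" exposing "position", "pitch", "yaw" and "headYaw", and a cancellable "DataPacketReceiveEvent"); the namespace and class name are hypothetical, and the plugin still needs its own plugin.yml.

```php
<?php
declare(strict_types=1);

namespace ExampleGuard; // hypothetical plugin namespace

use pocketmine\event\Listener;
use pocketmine\event\server\DataPacketReceiveEvent;
use pocketmine\network\mcpe\protocol\MovePlayerPacket;
use pocketmine\plugin\PluginBase;

class Main extends PluginBase implements Listener {

    public function onEnable() : void {
        // Register this class so onDataPacketReceive() sees every inbound packet.
        $this->getServer()->getPluginManager()->registerEvents($this, $this);
    }

    /**
     * Runs before other handlers so the packet is dropped before
     * anything does arithmetic on its fields.
     *
     * @priority LOWEST
     */
    public function onDataPacketReceive(DataPacketReceiveEvent $event) : void {
        $packet = $event->getPacket();
        if (!($packet instanceof MovePlayerPacket)) {
            return; // only movement packets are checked here
        }

        // Every float the client controls in this packet (assumed 3.x field names).
        $values = [
            $packet->position->x, $packet->position->y, $packet->position->z,
            $packet->pitch, $packet->yaw, $packet->headYaw,
        ];

        foreach ($values as $value) {
            // is_finite() is false for NAN, INF and -INF.
            if (!is_finite((float) $value)) {
                $event->setCancelled(); // the server will not process the packet
                $this->getLogger()->warning(
                    "Dropped MovePlayerPacket with non-finite value from "
                    . $event->getPlayer()->getName()
                );
                return;
            }
        }
    }
}
```

Upgrading to 3.18.1 or later remains the fix; the listener only covers servers that cannot upgrade yet.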

CVSS v4
Base Score: 8.7
Attack Vector: NETWORK
Attack Complexity: LOW
Attack Requirements: NONE
Privileges Required: NONE
User Interaction: NONE
Vulnerable System Confidentiality: NONE
Vulnerable System Integrity: NONE
Vulnerable System Availability: HIGH
Subsequent System Confidentiality: NONE
Subsequent System Integrity: NONE
Subsequent System Availability: NONE

CVSS v3
Base Score: 7.5
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: NONE
Integrity: NONE
Availability: HIGH

Weakness Type (CWE): Improper Input Validation