Login Sign Up

CVE-2021-32238

7.8 HIGH
Remote Code Execution Denial of Service Buffer Overflow

📋 TL;DR

A stack-based buffer overflow vulnerability in Rocket League allows attackers to execute arbitrary code or cause denial of service by crafting malicious UPK object files. This affects Rocket League players running version 1.95 or earlier. Successful exploitation could lead to complete system compromise.

💻 Affected Systems

Products:
  • Epic Games / Psyonix Rocket League
Versions: <=1.95
Operating Systems: Windows, macOS, Linux, PlayStation, Xbox, Nintendo Switch
Default Config Vulnerable: ⚠️ Yes
Notes: All platforms running vulnerable versions are affected. UPK files are game asset files that can be loaded during gameplay.

📦 What is this software?

Rocket League by Psyonix

View all CVEs affecting Rocket League →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full system compromise, data theft, and installation of persistent malware.

🟠

Likely Case

Game crashes causing denial of service, potentially with limited code execution in game context.

🟢

If Mitigated

Game crashes without code execution if exploit fails or protections are in place.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires crafting malicious UPK files that get loaded by the game. Public proof-of-concept exists in vulnerability databases.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: >1.95

Vendor Advisory: https://www.epicgames.com/rocketleague/en/news

Restart Required: Yes

Instructions:

1. Launch Rocket League through Epic Games Launcher. 2. Allow automatic updates to complete. 3. Verify game version is >1.95. 4. Restart the game if prompted.

🔧 Temporary Workarounds

Disable custom content loading

all

Prevent loading of custom UPK files that could be malicious

Network segmentation

all

Isolate gaming systems from critical network segments

🧯 If You Can't Patch

  • Disable Rocket League until patched
  • Implement application whitelisting to prevent execution of malicious payloads

🔍 How to Verify

Check if Vulnerable:

Check Rocket League version in game settings or Epic Games Launcher. If version is 1.95 or lower, system is vulnerable.

Check Version:

In Rocket League: Settings → Gameplay → Version Number

Verify Fix Applied:

Verify game version is >1.95 in game settings or Epic Games Launcher.

📡 Detection & Monitoring

Log Indicators:

  • Game crash logs with memory access violations
  • Unexpected UPK file loading events
  • Process creation from Rocket League executable

Network Indicators:

  • Downloads of UPK files from untrusted sources
  • Network traffic to Rocket League servers with malformed requests

SIEM Query:

Process:Name='RocketLeague.exe' AND (EventID=1000 OR EventID=1001) AND Message CONTAINS 'ACCESS_VIOLATION'

📊 Metadata

CVE ID: CVE-2021-32238
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-787
Published: May 18, 2021
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-32238, you might also want to check these:

CVE-2019-5684 10.0

This vulnerability in NVIDIA Windows GPU Display Drivers allows specially crafted DirectX shaders to...

Same vulnerability type (CWE-787)
CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2019-5049 10.0

This vulnerability allows an attacker to execute arbitrary code on systems with vulnerable AMD graph...

Same vulnerability type (CWE-787)