Anthropic: Anthropic’s Buffa Rust Library 0-Day Vulnerability Enables DoS Attack

Anthropic’s Rust Library *buffa* Hit by Zero-Day DoS Vulnerability (CVE-2026-55407)

A critical denial-of-service (DoS) vulnerability has been discovered in buffa, Anthropic’s Rust-based Protocol Buffers (protobuf) implementation, stemming from unbounded heap allocation triggered by attacker-controlled input. The flaw, tracked as CVE-2026-55407 (CVSS 4.0: 6.3, Moderate), can escalate to High or Critical severity depending on deployment architecture, affecting buffa and connectrpc versions prior to 0.8.0.

Root Cause & Exploitation

The vulnerability was identified by Endor Labs’ AI-powered SAST engine, which flagged a risky data flow in buffa’s decode_unknown_field function. The issue arises when parsing untrusted protobuf wire data, where an attacker-supplied length value is used to allocate a Vec<u8> without an upper bound. While a guard prevents out-of-bounds reads, it fails to constrain heap allocation, allowing oversized inputs to force excessive memory usage.

A more severe amplification vector was found in the handling of WireType::StartGroup: nested unknown fields, each encoded in as little as two bytes, trigger a heap allocation of roughly 40 bytes per field plus overhead. A proof-of-concept demonstrated that a 64 MiB payload could balloon into 1.4 GiB of heap usage (a 22x amplification), crashing processes in memory-constrained environments (e.g., Docker containers with a 256 MiB limit).

Impact & Affected Systems

The vulnerability is reachable via buffa’s default decoding APIs (Message::decode, decode_from_slice) when preserve_unknown_fields is enabled (the default setting). Any service processing untrusted protobuf messages is at risk, with potential outcomes including process termination due to out-of-memory errors.

Mitigation & Fixes

Anthropic released version 0.8.0 of buffa and connectrpc, introducing a configurable per-message limit on unknown fields to cap allocation overhead. For systems unable to upgrade immediately, a workaround involves regenerating protobuf code with preserve_unknown_fields=false, disabling the vulnerable data path.
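To make the two defences described above concrete (bounding a length-prefixed allocation by the bytes actually present, and a per-message cap on retained unknown fields), here is an added example written for this page; it is not buffa's code, and the `decode_unknown_fields` function, `DecodeError` type and the cap value passed in are hypothetical. It walks the protobuf wire format directly, so the StartGroup amplification from the Root Cause section is visible as a count of retained fields.

```rust
// Added example, not buffa's code: a minimal protobuf unknown-field decoder showing
// the two defences from the advisory, i.e. never trusting a length prefix beyond the
// bytes actually present and capping retained unknown fields per message.
#[derive(Debug, PartialEq)]
pub enum DecodeError { Truncated, BadVarint, BadWireType, TooManyUnknownFields }

fn read_varint(buf: &[u8], pos: &mut usize) -> Result<u64, DecodeError> {
    let mut value = 0u64;
    for shift in (0..64).step_by(7) {
        let b = *buf.get(*pos).ok_or(DecodeError::Truncated)?;
        *pos += 1;
        value |= u64::from(b & 0x7f) << shift;
        if b & 0x80 == 0 { return Ok(value); }
    }
    Err(DecodeError::BadVarint) // more than 10 bytes: malformed
}

/// Walks every field in `buf`, keeps each one as (field_number, raw bytes), and fails
/// closed once more than `max_fields` would be retained (the hypothetical per-message cap).
pub fn decode_unknown_fields(buf: &[u8], max_fields: usize)
    -> Result<Vec<(u32, Vec<u8>)>, DecodeError> {
    let mut fields: Vec<(u32, Vec<u8>)> = Vec::new();
    let (mut pos, mut depth) = (0usize, 0usize);
    while pos < buf.len() {
        let start = pos;
        let tag = read_varint(buf, &mut pos)?;
        match tag & 7 {
            0 => { read_varint(buf, &mut pos)?; }      // varint
            1 => pos += 8,                              // fixed64
            5 => pos += 4,                              // fixed32
            2 => {                                      // length-delimited
                let len = read_varint(buf, &mut pos)? as usize;
                // The weak pattern is Vec::with_capacity(len) here: `len` is attacker
                // controlled. Bound it by the bytes that remain before touching the heap.
                if len > buf.len() - pos { return Err(DecodeError::Truncated); }
                pos += len;
            }
            3 => depth += 1,                            // StartGroup: one byte, nests freely
            4 => { if depth == 0 { return Err(DecodeError::BadWireType); } depth -= 1; }
            _ => return Err(DecodeError::BadWireType),
        }
        if pos > buf.len() { return Err(DecodeError::Truncated); }
        // Each retained field costs a Vec header plus its bytes, so a stream of two-byte
        // StartGroup/EndGroup pairs amplifies heavily; the count cap bounds that.
        if fields.len() >= max_fields { return Err(DecodeError::TooManyUnknownFields); }
        fields.push(((tag >> 3) as u32, buf[start..pos].to_vec()));
    }
    if depth != 0 { return Err(DecodeError::Truncated); }
    Ok(fields)
}
```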

Broader Implications

The discovery underscores the limitations of input-size caps in preventing DoS attacks, as even "safe" message sizes can trigger catastrophic allocations via amplification vectors. Notably, the flaw was uncovered using AI-driven static analysis, highlighting the need for data-flow-aware security tools even in memory-safe languages like Rust, particularly for high-assurance components in AI systems. The coordinated disclosure between Endor Labs and Anthropic reflects growing collaboration in securing critical infrastructure.

Source: https://cybersecuritynews.com/anthropics-buffa-rust-library-0-day-vulnerability-enables-dos-attack/

Anthropic cybersecurity rating report: https://www.rankiteo.com/company/anthropicresearch

{
  "id": "ANT1782908643",
  "linkid": "anthropicresearch",
  "type": "Vulnerability",
  "date": "1/2026",
  "severity": "60",
  "impact": "1",
  "explanation": "Attack without any consequences"
}