
Squirrel Sandbox Escape allows Code Execution in Games and Cloud Services

Blog post from Sonar

Company: Sonar
Author: Simon Scannell and Niklas Breitfeld
Word Count: 1,735
Language: English
Summary

The Squirrel programming language, embedded in various games and cloud services for customization and plugin development, contains a vulnerability that allows an attacker to bypass sandbox restrictions and execute arbitrary code from within a Squirrel VM, gaining full access to the underlying machine. The Out-Of-Bounds Read vulnerability (CVE-2021-41556) is triggered by a malicious class definition with specific bitflags, which causes the engine to access memory outside of an array's bounds. This lets an attacker craft a fake SQObjectPtr and trick the engine into returning an array that spans the entire process space, giving read and write access to the address space and ultimately allowing control flow to be hijacked. The vulnerability affects both stable release branches (2.x and 3.x) of Squirrel and has been patched in a commit published on GitHub. Maintainers are advised to apply this fix to protect against these attacks.