As new recipes are unlocked, a toast is shown cycling through all the newly unlocked items. As the amount of unlocked items grows, the cycle speed increases. Due to how floating-point arithmetic works, the division behind the scenes can end up using a zero which will end up throwing an ArithmeticException leading to a crash.
To exploit this, an attacker has to have privileges to use the /recipe command. And can do it by repeatedly executing /recipe take victim *followed by /recipe give victim *.
Linked issues
duplicates 1
Attachments
Comments 4
This is not a server, but a clientside rendering flaw. I've been able to reproduce this issue on vanilla single-player worlds across multiple machines, are you running the commands in rapid succession, and are you specifying a user instead of just "victim"? I have to run the commands about seven times over in order for it to crash. I haven't been able to reproduce the issue in the 1.16 snapshot, but it should be reproducible in 1.15.2.
define "rapid succession", I ran it about 50 times as fast as I could press up to repeat the command from a server console while my client was running - also note that if this is not an issue in 1.16, it was likely fixed, potentially by accident - since this can only be done by operators anyway, it is not a major issue.
See MC-120572
I am unable to reproduce this on a vanilla server, please contact the Spigot authors and make sure this isn't a bug on their end - we do not support the use of heavy modifications here.