Security bug: missing packet validation allows to crash application when malformed packet is received

I am writing here as you do not have process to report security bugs privately. Incoming packets are not validated in any way. I tried to do some fuzz testing and simple payload consisting of four bytes set to zero caused crash.