CVE-2019-17212
Last modified
CVE-2019-17212 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. Buffer overflows were discovered in the CoAP library in Arm Mbed OS 5.14.0. The CoAP parser is responsible for parsing received CoAP packets. EPSS estimates a 3.06% chance of exploitation in the next 30 days.
Description
Buffer overflows were discovered in the CoAP library in Arm Mbed OS 5.14.0. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses CoAP input linearly using a while loop. Once an option is parsed in a loop, the current point (*packet_data_pptr) is increased correspondingly. The pointer is restricted by the size of the received buffer, as well as by the 0xFF delimiter byte. Inside each while loop, the check of the value of *packet_data_pptr is not strictly enforced. More specifically, inside a loop, *packet_data_pptr could be increased and then dereferenced without checking. Moreover, there are many other functions in the format of sn_coap_parser_****() that do not check whether the pointer is within the bounds of the allocated buffer. All of these lead to heap-based or stack-based buffer overflows, depending on how the CoAP packet buffer is allocated.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Mbed | Mbed | 5.13.2 |
| Mbed | Mbed | 5.14.0 |
References
- https://github.com/ARMmbed/mbed-os/issues/11803Issue Tracking, Third Party Advisory
- https://github.com/ARMmbed/mbed-os/issues/11803Issue Tracking, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-17212?
How severe is CVE-2019-17212?
How do I fix CVE-2019-17212?
Are you affected by CVE-2019-17212?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST