Strix
26.1K

CVE-2024-48983

HIGHCVSS 7.5/10EPSS 0.44%

Last modified

CVE-2024-48983 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet header. EPSS estimates a 0.44% chance of exploitation in the next 30 days.

Description

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet header. A buffer is then allocated to contain the entire packet, the size of which is calculated as the length of the packet body determined earlier plus the header length. WsfMsgAlloc then increments this again by sizeof(wsfMsg_t). This may cause an integer overflow that results in the buffer being significantly too small to contain the entire packet. This may cause a buffer overflow of up to 65 KB . This bug is trivial to exploit for a denial of service but can generally not be exploited further because the exploitable buffer is dynamically allocated.

Metrics

CVSS 3.1
7.5/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Probability
0.44%

34.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
ArmMbed6.16.0

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2024-48983?
An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet header. A buffer is then allocated to contain the entire packet, the size of which is calculated as the length of the packet body determined earlier plus the header length. WsfMsgAlloc then increments this again by sizeof(wsfMsg_t). This may cause an integer overflow that results in the buffer being significantly too small to contain the entire packet. This may cause a buffer overflow of up to 65 KB . This bug is trivial to exploit for a denial of service but can generally not be exploited further because the exploitable buffer is dynamically allocated.
How severe is CVE-2024-48983?
CVE-2024-48983 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 0.44% probability of exploitation in the next 30 days.
How do I fix CVE-2024-48983?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2024-48983?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST