The vulnerability of the Azure-c-shared-utility library in the Azure SDK for C development software package allows a attacker to execute arbitrary code.

The vulnerability of the Azure-c-shared-utility library in the Azure SDK for C development software package is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code using the buffer length...

AZL-37086 CVE-2024-29195 affecting package azure-iot-sdk-c for versions less than 2024.03.04-1

The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This library may be used by the Azure IoT C SDK for communication between IoT Hub and IoT Hub devices. An attacker can cause an integer wraparound or under-allocation or heap buffer overflow due to...

AZL-70310 CVE-2024-29195 affecting package python-uamqp 1.5.1-3

The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This library may be used by the Azure IoT C SDK for communication between IoT Hub and IoT Hub devices. An attacker can cause an integer wraparound or under-allocation or heap buffer overflow due to...

AZL-70178 CVE-2024-29195 affecting package python-uamqp 1.5.1-4

The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This library may be used by the Azure IoT C SDK for communication between IoT Hub and IoT Hub devices. An attacker can cause an integer wraparound or under-allocation or heap buffer overflow due to...

CVE-2024-29195

The CVE-2024-29195 advisory concerns the azure-c-shared-utility C library used by the Azure IoT C SDK for AMQP/MQTT communication. The described issue is an integer wraparound/under-allocation/heap buffer overflow stemming from vulnerable parameter checking in the buffer length handling, which co...

Azure C Shared Utility 安全漏洞

Azure C Shared Utility is an open source C library for Microsoft Azure. It provides general-purpose functionality for basic tasks e.g., strings, list operations, IO, etc.. A security vulnerability exists in versions of Azure C Shared Utility prior to 2023-12-01, which stems from a vulnerability...