6 matches found
CVE-2021-27435
CVE-2021-27435 affects ARM Mbed OS 6.3.0. It is due to an integer wrap-around in malloc_wrapper, enabling arbitrary memory allocation and potentially causing a crash or remote code execution. Exploitation status is not detailed in the provided documents, and there is no known public exploit per t...
CVE-2024-48983
CVE-2024-48983 (MBed OS 6.16.0) describes a denial-of-service risk caused by an integer overflow during HCI packet length handling. The code computes packet size by reading two header bytes, allocates a buffer as body length plus header length, and then increments by sizeof(wsfMsg_t). This can pr...
CVE-2024-48986
CVE-2024-48986 affects MBed OS 6.16.0: the HCI parsing code determines packet lengths by reading a header byte, allocates a buffer based on event type, and then copies header-specified data into that buffer, potentially causing a buffer overflow. The impact is described as trivial for denial of s...
CVE-2024-48982
MBed OS 6.16.0 contains a vulnerability in the HCI packet length parsing. The hci parsing software reads a length byte from the packet header and assumes it is >= 3, but does not enforce this. If length
CVE-2024-48981
Summary: MBed OS 6.16.0 contains a vulnerability in HCI packet processing. The code path that determines the packet header length during HCI input (function hciTrSerialRxIncoming) does not discard packets with invalid identifiers and does not set a safe default for unknown header lengths. This ca...
CVE-2024-48985
MBed OS 6.16.0 is affected by a buffer overflow in HCI packet processing. When reading the packet length from the first two bytes, the code allocates a buffer sized to the packet body plus header; if allocation fails due to an oversized packet, there is no proper error handling and hciTrSerialRxI...