Lucene search
K
ArmMbed Os

6 matches found

CVE
CVE
added 2024/04/19 12:0 a.m.67 views

CVE-2024-22905

The CVE-2024-22905 entry concerns a Buffer Overflow in ARM mbed-os v6.17.0 that allows a remote attacker to execute arbitrary code by sending a crafted script to the hciTrSerialRxIncoming function. Affected product: ARM mbed-os 6.17.0; vulnerability type: buffer overflow in the HCI transport path...

7CVSS7.8AI score0.00429EPSS
CVE
CVE
added 2020/06/18 6:24 p.m.57 views

CVE-2020-12884

CVE-2020-12884 affects Arm Mbed OS 5.15.3 CoAP library. The CoAP parser option handling (sn_coap_parser_options_parse_multiple_options) can read past the packet boundary: packet_data_pptr is advanced by option_len without a prior out-of-bounds check, while temp_parsed_uri_query_ptr validation use...

9.1CVSS9.2AI score0.01352EPSS
CVE
CVE
added 2020/06/18 6:24 p.m.56 views

CVE-2020-12886

The CVE affects Arm Mbed OS CoAP library (mbed-coap) in version 5.15.3. The root cause is in sn_coap_parser_options_parse(): the length of the token is read from the message but not validated against the input buffer before accessing the token, enabling a memory access outside the buffer (buffer ...

9.1CVSS9.2AI score0.01352EPSS
CVE
CVE
added 2020/06/18 6:24 p.m.54 views

CVE-2020-12885

CVE-2020-12885 affects the CoAP library in Arm Mbed OS 5.15.3. The infinite loop is in the CoAP parser function sn_coap_parser_options_parse_multiple_options() , where the loop exit is based on the previously allocated heap memory for parsed options. If the input heap memory calculation yields ze...

7.8CVSS7.5AI score0.01235EPSS
CVE
CVE
added 2024/11/20 12:0 a.m.53 views

CVE-2024-48984

CVE-2024-48984 affects MBed OS 6.16.0. The issue lies in HCI report parsing: the code dynamically determines the length of a reports list from an input byte and uses that to locate subsequent reports. It does not verify that these addresses stay within the target buffer passed to hciEvtProcessLeE...

9.8CVSS7.3AI score0.00534EPSS
CVE
CVE
added 2020/06/18 6:24 p.m.51 views

CVE-2020-12883

CVE-2020-12883 affects the CoAP library in ARM Mbed OS 5.15.3. The vulnerability arises in sn_coap_parser_options_parse(), which parses CoAP input linearly but fails to verify the input length against bytes read when processing extended option delta/length, and computes message_left incorrectly f...

9.1CVSS8.9AI score0.01783EPSS