6 matches found
CVE-2024-22905
The CVE-2024-22905 entry concerns a Buffer Overflow in ARM mbed-os v6.17.0 that allows a remote attacker to execute arbitrary code by sending a crafted script to the hciTrSerialRxIncoming function. Affected product: ARM mbed-os 6.17.0; vulnerability type: buffer overflow in the HCI transport path...
CVE-2020-12884
CVE-2020-12884 affects Arm Mbed OS 5.15.3 CoAP library. The CoAP parser option handling (sn_coap_parser_options_parse_multiple_options) can read past the packet boundary: packet_data_pptr is advanced by option_len without a prior out-of-bounds check, while temp_parsed_uri_query_ptr validation use...
CVE-2020-12886
The CVE affects Arm Mbed OS CoAP library (mbed-coap) in version 5.15.3. The root cause is in sn_coap_parser_options_parse(): the length of the token is read from the message but not validated against the input buffer before accessing the token, enabling a memory access outside the buffer (buffer ...
CVE-2020-12885
CVE-2020-12885 affects the CoAP library in Arm Mbed OS 5.15.3. The infinite loop is in the CoAP parser function sn_coap_parser_options_parse_multiple_options() , where the loop exit is based on the previously allocated heap memory for parsed options. If the input heap memory calculation yields ze...
CVE-2024-48984
CVE-2024-48984 affects MBed OS 6.16.0. The issue lies in HCI report parsing: the code dynamically determines the length of a reports list from an input byte and uses that to locate subsequent reports. It does not verify that these addresses stay within the target buffer passed to hciEvtProcessLeE...
CVE-2020-12883
CVE-2020-12883 affects the CoAP library in ARM Mbed OS 5.15.3. The vulnerability arises in sn_coap_parser_options_parse(), which parses CoAP input linearly but fails to verify the input length against bytes read when processing extended option delta/length, and computes message_left incorrectly f...