Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An integer overflow was discovered in the CoAP library in Arm Mbed OS 5.14.0. The function sn_coap_builder_calc_needed_packet_data_size_2() is used to calculate the required memory for the CoAP message from the sn_coap_hdr_s data structure. Both returned_byte_count and src_coap_msg_ptr->payload_len are of type uint16_t. When added together, the result returned_byte_count can wrap around the maximum uint16_t value. As a result, insufficient buffer space is allocated for the corresponding CoAP message.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ARM Mbed OS CoAP library 输入验证错误漏洞
Vulnerability Description
ARM Mbed OS是英国ARM公司的一套专用于物联网的开源嵌入式操作系统。CoAP library是其中的一个约束应用协议(CoAP)库。 Arm Mbed OS 5.14.0版本中的CoAP library的‘sn_coap_builder_calc_needed_pa??cket_data_size_2’函数存在输入验证错误漏洞。远程攻击者可借助特制请求利用该漏洞在系统上执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A