Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses the CoAP packet header starting from the message token. The length of the token in the received message is provided in the first byte parsed by the sn_coap_parser_options_parse() function. The length encoded in the message is not validated against the actual input buffer length before accessing the token. As a result, memory access outside of the intended boundary of the buffer may occur.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ARM Mbed OS CoAP library 缓冲区错误漏洞
Vulnerability Description
ARM Mbed OS是英国ARM公司的一套专用于物联网的开源嵌入式操作系统。CoAP library是其中的一个约束应用协议(CoAP)库。 ARM Mbed OS 5.15.3版本中的CoAP library存在缓冲区错误漏洞。攻击者可借助格式错误的CoAP数据包利用该漏洞获取敏感信息或造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A