Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Golioth Pouch < [INSERT FIXED VERSION] BLE GATT Heap-based Buffer Overflow
Vulnerability Description
Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_write() allocates a heap buffer of size CONFIG_POUCH_SERVER_CERT_MAX_LEN when receiving the first fragment, then appends subsequent fragments using memcpy() without verifying that sufficient capacity remains. An adjacent BLE client can send unauthenticated fragments whose combined size exceeds the allocated buffer, causing a heap overflow and crash; integrity impact is also possible due to memory corruption.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
pouch 安全漏洞
Vulnerability Description
pouch是Golioth开源的一种非IP协议。 pouch 0.1.0版本存在安全漏洞,该漏洞源于BLE GATT服务器证书处理中存在基于堆的缓冲区溢出,可能导致堆溢出和崩溃。
CVSS Information
N/A
Vulnerability Type
N/A