Buffer Over-read Vulnerability in Arm Mbed OS CoAP Library
CVE-2020-12884

9.1CRITICAL

Key Information:

Vendor: Arm
Status: Mbed Os
Vendor: CVE Published:; 18 June 2020

Summary

A buffer over-read issue exists in the CoAP library of Arm Mbed OS 5.15.3. This vulnerability arises when the CoAP parser processes packets that may contain multiple options. Specifically, the function sn_coap_parser_options_parse_multiple_options() fails to conduct an out-of-bounds check on packet_data_pptr after incrementing it by option_len. While there is a validation check for temp_parsed_uri_query_ptr, it relies on allocated heap memory rather than the actual size of input data. Thus, access can potentially go beyond the intended packet buffer boundary, posing significant security risks.

References

https://github.com/ARMmbed/mbed-os/issues/12928

x_refsource_MISC

https://github.com/ARMmbed/mbed-coap/pull/116

x_refsource_CONFIRM

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 18, 2020
Vulnerability Reserved
May 15, 2020