Buffer Overflow Vulnerability in MBed OS from Arm
CVE-2024-48983

7.5HIGH

Key Information:

Vendor: Arm
Status: Mbed
Vendor: CVE Published:; 20 November 2024

Summary

A vulnerability in MBed OS 6.16.0 can lead to a buffer overflow when processing HCI packets. The software calculates the length of packet data based on two bytes from the packet header, allocating a buffer to accommodate the entire packet's size, which includes the packet body and the header. Due to a flaw in this length calculation, an integer overflow could occur, resulting in a dynamically allocated buffer that is insufficient to hold the packet, potentially leading to a buffer overflow of up to 65 KB. While this vulnerability is primarily exploitable for causing denial of service, its exploitability is limited due to the dynamic nature of the buffer allocation.

References

https://github.com/mbed-ce/mbed-os/blob/54e8693ef4ff7e025...

https://github.com/mbed-ce/mbed-os/pull/388

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 20, 2024