Buffer Overflow Vulnerability in MBed OS 6.16.0 Affecting HCI Packet Processing
CVE-2024-48986

7.5HIGH

Key Information:

Vendor: Arm
Status: Mbed
Vendor: CVE Published:; 20 November 2024

Summary

A buffer overflow vulnerability exists in MBed OS 6.16.0 due to a flaw in the HCI parsing logic. The software dynamically calculates the length of specific HCI packets based on a byte in the packet header. This calculation may lead to the allocation of an insufficiently sized buffer based on events triggered during packet processing. As a result, the data copied during write operations could exceed the buffer's allocated size, potentially resulting in a denial of service situation. While this vulnerability provides an opportunity for exploitation, the dynamic nature of the buffer allocation limits the ability to compromise the entire system further.

References

https://github.com/mbed-ce/mbed-os/blob/54e8693ef4ff7e025...

https://github.com/mbed-ce/mbed-os/pull/385

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 20, 2024