Details of VAR-202411-1440

ID

VAR-202411-1440

CVE

CVE-2024-48983

TITLE

ARM Ltd. of Mbed OS Integer overflow vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-013307

DESCRIPTION

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet header. A buffer is then allocated to contain the entire packet, the size of which is calculated as the length of the packet body determined earlier plus the header length. WsfMsgAlloc then increments this again by sizeof(wsfMsg_t). This may cause an integer overflow that results in the buffer being significantly too small to contain the entire packet. This may cause a buffer overflow of up to 65 KB . This bug is trivial to exploit for a denial of service but can generally not be exploited further because the exploitable buffer is dynamically allocated. ARM Ltd. of Mbed OS Exists in an integer overflow vulnerability.Service operation interruption (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2024-48983 // JVNDB: JVNDB-2024-013307

AFFECTED PRODUCTS

vendor:	arm	model:	mbed	scope:	eq	version:	6.16.0	Trust: 1.0
vendor:	arm	model:	mbed os	scope:	eq	version:	-	Trust: 0.8
vendor:	arm	model:	mbed os	scope:	-	version:	-	Trust: 0.8
vendor:	arm	model:	mbed os	scope:	eq	version:	6.16.0	Trust: 0.8

sources: JVNDB: JVNDB-2024-013307 // NVD: CVE-2024-48983

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2024-48983
value:	HIGH
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2024-48983
value:	HIGH
Trust: 1.0
NVD:	CVE-2024-48983
value:	HIGH
Trust: 0.8

nvd@nist.gov:	CVE-2024-48983
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 2.0
NVD:	CVE-2024-48983
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2024-013307 // NVD: CVE-2024-48983 // NVD: CVE-2024-48983

PROBLEMTYPE DATA

problemtype:	CWE-190	Trust: 1.0
problemtype:	Integer overflow or wraparound (CWE-190) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-013307 // NVD: CVE-2024-48983

EXTERNAL IDS

db:	NVD	id:	CVE-2024-48983	Trust: 2.6
db:	JVNDB	id:	JVNDB-2024-013307	Trust: 0.8

sources: JVNDB: JVNDB-2024-013307 // NVD: CVE-2024-48983

REFERENCES

url:	https://github.com/mbed-ce/mbed-os/blob/54e8693ef4ff7e025018094f290a1d5cf380941f/connectivity/feature_ble/libraries/cordio_stack/wsf/sources/port/baremetal/wsf_msg.c#l72	Trust: 1.8
url:	https://github.com/mbed-ce/mbed-os/pull/388	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2024-48983	Trust: 0.8

sources: JVNDB: JVNDB-2024-013307 // NVD: CVE-2024-48983

SOURCES

db:	JVNDB	id:	JVNDB-2024-013307
db:	NVD	id:	CVE-2024-48983

LAST UPDATE DATE

2024-11-26T23:07:39.558000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2024-013307	date:	2024-11-25T02:56:00
db:	NVD	id:	CVE-2024-48983	date:	2024-11-25T21:15:17.750

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2024-013307	date:	2024-11-25T00:00:00
db:	NVD	id:	CVE-2024-48983	date:	2024-11-20T20:15:19.183