Description
An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to cause undefined behavior via a sequence of messages leading to unsigned integer overflow.
Packages
| Package | Status | Fixed version | Release | Type |
|---|---|---|---|---|
| libcoap | not-affected | | | package |
| libcoap2 | not-affected | | | package |
| libcoap3 | fixed | 4.3.5-1 | | package |
| libcoap3 | fixed | 4.3.4-1.1+deb13u1 | trixie | package |
| libcoap3 | ignored | | bookworm | package |
Notes
https://github.com/obgm/libcoap/issues/1351
https://github.com/obgm/libcoap/commit/214665ac4b44b1b6a7e38d4d6907ee835a174928 (v4.3.5-rc1)
Introduced by: https://github.com/obgm/libcoap/commit/7033555d2978b8d4d5e16d43cfbfe1b1781c418f (v4.3.0-rc1)
Introduced by: https://github.com/obgm/libcoap/commit/47a83549a80dad9a83f84cdfaba54c54defb5444 (v4.3.2-rc1)