CVE-2019-12101

Name of the Vulnerable Software and Affected Versions LibNyoci version 0.07.00rc1

Description The issue is related to the coap decode option function in coap.c, which mishandles certain packets containing Uri-Path: (null). This mishandling allows remote attackers to cause a denial of service, resulting in a segmentation fault.

Recommendations For LibNyoci version 0.07.00rc1, consider disabling the coap decode option function as a temporary workaround until a patch is available. Restrict access to the coap.c module to minimize the risk of exploitation. Avoid using packets with Uri-Path: (null) in the affected API endpoint until the issue is resolved.