CVE-2019-9004

Name of the Vulnerable Software and Affected Versions Eclipse Wakaama (formerly liblwm2m) version 1.0

Description The issue arises from the mishandling of invalid options in the LWM2M server, specifically within the core/er-coap-13/er-coap-13.c file. This mishandling leads to a memory leak, where processing a single crafted packet results in the leakage of 24 bytes of memory. Over time, this can cause the LWM2M server to terminate after all available memory is exhausted.

Recommendations For Eclipse Wakaama (formerly liblwm2m) version 1.0, consider applying a patch or fix that addresses the memory leak issue in the LWM2M server, specifically in the core/er-coap-13/er-coap-13.c file, to prevent memory exhaustion and potential server termination.