Unknown · Network Sockets Subsystem · CVE-2026-5066
**Name of the Vulnerable Software and Affected Versions**
Network sockets subsystem (affected versions not specified)
**Description**
An out-of-bounds write and read issue exists in the TLS socket connect path within the network sockets subsystem, specifically in the `subsys/net/lib/sockets/sockets_tls.c` file. When the TLS session cache is enabled, the functions `tls_session_store()` and `tls_session_restore()` use `memcpy` to copy a caller-supplied address into a fixed-size buffer. Because the `addrlen` value is controlled by the caller and not validated against the destination size, an application can provide an `addrlen` larger than the `struct net_sockaddr` size. This allows the operation to read and write past the end of the address memory used by the TLS session cache, which can result in a system crash, denial of service, or potential arbitrary code execution.
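The missing length check described above, as an added example in C that is not the project's own code. `model_sockaddr`, `model_session_entry` and the `model_*` functions are hypothetical stand-ins with assumed sizes; they show `addrlen` being validated against the destination before any copy on both the store and restore paths.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-ins (names and sizes are assumptions, not the project's). */
struct model_sockaddr { uint16_t family; uint8_t data[26]; };
struct model_session_entry {
    struct model_sockaddr peer_addr;   /* fixed-size destination */
    uint8_t session[16];               /* adjacent state an overflow would corrupt */
};

/* Unchecked pattern from the description, kept as a comment only:
 *     memcpy(&entry->peer_addr, addr, addrlen);
 * Bounded copy used by both paths below: reject lengths the destination cannot hold. */
static int model_copy_addr(struct model_sockaddr *dst, const void *addr, size_t addrlen)
{
    if (dst == NULL || addr == NULL || addrlen == 0 || addrlen > sizeof(*dst)) {
        return -EINVAL;
    }
    memset(dst, 0, sizeof(*dst));      /* no stale bytes after a short address */
    memcpy(dst, addr, addrlen);
    return 0;
}

/* Store path: the entry is left untouched when the length is rejected. */
int model_session_store(struct model_session_entry *entry, const void *addr, size_t addrlen)
{
    if (entry == NULL) {
        return -EINVAL;
    }
    return model_copy_addr(&entry->peer_addr, addr, addrlen);
}

/* Restore path: 1 if the cached peer matches, 0 if not, -EINVAL on a bad length. */
int model_session_restore(const struct model_session_entry *entry, const void *addr, size_t addrlen)
{
    struct model_sockaddr peer;
    int ret = (entry == NULL) ? -EINVAL : model_copy_addr(&peer, addr, addrlen);

    if (ret < 0) {
        return ret;
    }
    return memcmp(&peer, &entry->peer_addr, sizeof(peer)) == 0;
}
```

Rejecting the call before the copy, rather than clamping `addrlen`, keeps a truncated address from being cached and later matched against a different peer.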
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.