CVE-2020-12883

Name of the Vulnerable Software and Affected Versions Arm Mbed OS version 5.15.3

Description Buffer over-reads were discovered in the CoAP library. The CoAP parser is responsible for parsing received CoAP packets. The function sn coap parser options parse() parses CoAP input linearly using a while loop. The actual input packet length is not verified against the number of bytes read when processing the option extended delta and the option extended length. Moreover, the calculation of the message left variable, in the case of non-extended option deltas, is incorrect and indicates more data left for processing than provided in the function input. This leads to heap-based or stack-based memory location read access that is outside of the intended boundary of the buffer, potentially resulting in processing of unintended inputs or system memory access violation errors.

Recommendations For Arm Mbed OS version 5.15.3, as a temporary workaround, consider disabling the sn coap parser options parse() function until a patch is available. Restrict access to the CoAP library to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.