CVE-2024-31225

Name of the Vulnerable Software and Affected Versions RIOT (affected versions not specified)

Description The on rd init() function in RIOT does not implement a size check before copying data to the result buf static buffer. This can cause a buffer overflow if an attacker crafts a long enough payload. The impact of this issue could range from denial of service to arbitrary code execution if the unchecked input crosses a security boundary.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider adding manual bounds checking to prevent the buffer overflow.