CVE-2024-48982

Name of the Vulnerable Software and Affected Versions MBed OS version 6.16.0

Description An issue was discovered in the hci parsing software of MBed OS, where it dynamically determines the length of certain hci packets by reading a byte from its header. The software assumes this value to be greater than or equal to 3 but does not ensure this, leading to a buffer overflow when a length less than 3 is supplied. Additionally, supplying large length values can cause an integer overflow because the provided length value is increased by a few bytes. This issue can be exploited for a denial of service but is unlikely to suffice to bring the system down and cannot be exploited further due to the dynamic allocation of the exploitable buffer.

Recommendations For MBed OS version 6.16.0, as a temporary workaround, consider restricting the input to the hci parsing software to prevent supplying lengths less than 3 or large values that could cause an integer overflow, until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.