漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Golioth Pouch (prior to commit 1b2219a1) BLE GATT Heap-based Buffer Overflow
Vulnerability Description
Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_write() allocates a heap buffer of size CONFIG_POUCH_SERVER_CERT_MAX_LEN when receiving the first fragment, then appends subsequent fragments using memcpy() without verifying that sufficient capacity remains. An adjacent BLE client can send unauthenticated fragments whose combined size exceeds the allocated buffer, causing a heap overflow and crash; integrity impact is also possible due to memory corruption.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
pouch 安全漏洞
Vulnerability Description
pouch是Golioth开源的一种非IP协议。 pouch 0.1.0版本存在安全漏洞,该漏洞源于BLE GATT服务器证书处理中存在基于堆的缓冲区溢出,可能导致堆溢出和崩溃。
CVSS Information
N/A
Vulnerability Type
N/A