Out-of-bounds Read
CVE-2020-5235
Summary
There is a potentially exploitable out-of-memory condition in Nanopb prior to 0.2.9.4, 0.3.x prior to 0.3.9.5, and 0.4.x prior to 0.4.1. When nanopb is compiled with "PB_ENABLE_MALLOC", the message to be decoded contains a repeated string, bytes or message field, and "realloc()" runs out of memory when expanding the array, nanopb can end up calling "free()" on a pointer value that comes from uninitialized memory. Depending on the platform, this can result in a crash or further memory corruption, which may be exploitable in some cases.
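The failure mode in the summary comes down to cleanup code walking array slots that were counted but never initialized. The following added example is a simplified model, not nanopb's code: it shows a growth routine that keeps every counted slot either NULL or a live pointer, so release after an allocation failure never passes garbage to free(). The names str_array, try_realloc and fail_after are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model of a decoded repeated string field (not nanopb's types). */
typedef struct { char **items; size_t count; } str_array;

/* Test hook (assumption): allocations left before failure; -1 = never fail. */
static int fail_after = -1;
static void *try_realloc(void *p, size_t n) {
    if (fail_after == 0) return NULL;          /* simulated out-of-memory */
    if (fail_after > 0) fail_after--;
    return realloc(p, n);
}

/* Append a copy of s; returns 1 on success, 0 on allocation failure.
 * Unsafe ordering to avoid: counting a slot before it is initialized, so a
 * later failure leaves release() freeing whatever bytes were in that slot. */
int str_array_append(str_array *a, const char *s) {
    if (a->count >= SIZE_MAX / sizeof(char *) - 1) return 0;  /* size overflow */
    char **grown = try_realloc(a->items, (a->count + 1) * sizeof *grown);
    if (grown == NULL) return 0;               /* items and count untouched */
    a->items = grown;
    a->items[a->count] = NULL;                 /* initialize before counting */
    a->count++;
    char *copy = try_realloc(NULL, strlen(s) + 1);
    if (copy == NULL) return 0;                /* slot stays NULL, safe to free */
    strcpy(copy, s);
    a->items[a->count - 1] = copy;
    return 1;
}

/* Free all entries and the array; returns how many non-NULL entries it freed. */
size_t str_array_release(str_array *a) {
    size_t freed = 0;
    for (size_t i = 0; i < a->count; i++) {
        if (a->items[i] != NULL) freed++;
        free(a->items[i]);                     /* free(NULL) is a no-op */
    }
    free(a->items);
    a->items = NULL;
    a->count = 0;
    return freed;
}

int main(void) {
    str_array a = {0};
    str_array_append(&a, "constructed sample value");
    return str_array_release(&a) == 1 ? 0 : 1;
}
```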
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- HIGH
- HIGH
CWE-125 - Out-of-Bounds Read
Out-of-bounds read is a vulnerability that allows access to memory beyond the authorized accessible location. Such a vulnerability compromises the confidentiality of the trusted environment in the application and enables an attacker to launch further attacks by leveraging the exposed information.