Impact
In the Zephyr LwM2M implementation, malformed input can result in an infinite loop, resulting in a denial of service attack.
A remote adversary that can inject LwM2M messages is able to cause a denial of service. The overall risk of this finding is set to Informational because LwM2M is a privileged protocol, which can also implement commands such as reboot or firmware upgrade, and therefore is not expected to be exposed to the internet.
see NCC-ZEP-033
The function do_write_op_tlv, if the TLV entry is not one of the expected types, no processing will be performed. This will result in a loop running forever, resulting in a denial of service.
Patches
This has been fixed in:
For more information
If you have any questions or comments about this advisory:
embargo: 2020-06-25
zepsec: ZEPSEC-56
Impact
In the Zephyr LwM2M implementation, malformed input can result in an infinite loop, resulting in a denial of service attack.
A remote adversary that can inject LwM2M messages is able to cause a denial of service. The overall risk of this finding is set to Informational because LwM2M is a privileged protocol, which can also implement commands such as reboot or firmware upgrade, and therefore is not expected to be exposed to the internet.
see NCC-ZEP-033
The function do_write_op_tlv, if the TLV entry is not one of the expected types, no processing will be performed. This will result in a loop running forever, resulting in a denial of service.
Patches
This has been fixed in:
For more information
If you have any questions or comments about this advisory:
embargo: 2020-06-25
zepsec: ZEPSEC-56