Details of VAR-202411-3168

ID

VAR-202411-3168

CVE

CVE-2024-48984

TITLE

ARM Ltd. of Mbed OS Classic buffer overflow vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2024-028276

DESCRIPTION

An issue was discovered in MBed OS 6.16.0. When parsing hci reports, the hci parsing software dynamically determines the length of a list of reports by reading a byte from an input stream. It then fetches the length of the first report, uses it to calculate the beginning of the second report, etc. In doing this, it tracks the largest report so it can later allocate a buffer that fits every individual report (but only one at a time). It does not, however, validate that these addresses are all contained within the buffer passed to hciEvtProcessLeExtAdvReport. It is then possible, though unlikely, that the buffer designated to hold the reports is allocated in such a way that one of these out-of-bounds length fields is contained within the new buffer. When the (n-1)th report is copied, it overwrites the length field of the nth report. This now corrupted length field is then used for a memcpy into the new buffer, which may lead to a buffer overflow. ARM Ltd. of Mbed OS Exists in a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.62

sources: NVD: CVE-2024-48984 // JVNDB: JVNDB-2024-028276

AFFECTED PRODUCTS

vendor:	arm	model:	mbed os	scope:	eq	version:	6.16.0	Trust: 1.8
vendor:	arm	model:	mbed os	scope:	eq	version:	-	Trust: 0.8
vendor:	arm	model:	mbed os	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2024-028276 // NVD: CVE-2024-48984

CVSS

SEVERITY

CVSSV2

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2024-48984
value:	CRITICAL
Trust: 1.0
OTHER:	JVNDB-2024-028276
value:	CRITICAL
Trust: 0.8

134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2024-48984
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2024-028276
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2024-028276 // NVD: CVE-2024-48984

PROBLEMTYPE DATA

problemtype:	CWE-120	Trust: 1.0
problemtype:	Classic buffer overflow (CWE-120) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2024-028276 // NVD: CVE-2024-48984

EXTERNAL IDS

db:	NVD	id:	CVE-2024-48984	Trust: 2.6
db:	JVNDB	id:	JVNDB-2024-028276	Trust: 0.8

sources: JVNDB: JVNDB-2024-028276 // NVD: CVE-2024-48984

REFERENCES

url:	https://github.com/mbed-ce/mbed-os/blob/54e8693ef4ff7e025018094f290a1d5cf380941f/connectivity/feature_ble/libraries/cordio_stack/ble-host/sources/hci/dual_chip/hci_evt.c#l1317	Trust: 1.8
url:	https://github.com/mbed-ce/mbed-os/pull/387	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2024-48984	Trust: 0.8

sources: JVNDB: JVNDB-2024-028276 // NVD: CVE-2024-48984

SOURCES

db:	JVNDB	id:	JVNDB-2024-028276
db:	NVD	id:	CVE-2024-48984

LAST UPDATE DATE

2025-10-03T23:16:13.271000+00:00

SOURCES UPDATE DATE

db:	JVNDB	id:	JVNDB-2024-028276	date:	2025-09-30T09:14:00
db:	NVD	id:	CVE-2024-48984	date:	2025-09-24T19:09:25.543

SOURCES RELEASE DATE

db:	JVNDB	id:	JVNDB-2024-028276	date:	2025-09-30T00:00:00
db:	NVD	id:	CVE-2024-48984	date:	2024-11-20T21:15:07.920