In LoRaMac-node before 4.4.4, a reception buffer overflow can happen due to the received buffer size not being checked. This has been fixed in 4.4.4.
References
Link | Resource |
---|---|
https://github.com/Lora-net/LoRaMac-node/security/advisories/GHSA-559p-6xgm-fpv9 | Patch Third Party Advisory |
https://github.com/Lora-net/LoRaMac-node/commit/e3063a91daa7ad8a687223efa63079f0c24568e4 | Patch Third Party Advisory |
Configurations
Information
Published : 2020-06-23 10:15
Updated : 2020-07-01 11:38
NVD link : CVE-2020-11068
Mitre link : CVE-2020-11068
JSON object : View
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Products Affected
semtech
- loramac-node