CVE-2019-9004
First published: Fri Feb 22 2019(Updated: )
In Eclipse Wakaama (formerly liblwm2m) 1.0, core/er-coap-13/er-coap-13.c in lwm2mserver in the LWM2M server mishandles invalid options, leading to a memory leak. Processing of a single crafted packet leads to leaking (wasting) 24 bytes of memory. This can lead to termination of the LWM2M server after exhausting all available memory.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Eclipse Wakaama | =1.0 | |
| =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-9004?
CVE-2019-9004 is a vulnerability in Eclipse Wakaama (formerly liblwm2m) 1.0 that leads to a memory leak due to mishandling of invalid options.
What is the severity of CVE-2019-9004?
CVE-2019-9004 has a severity rating of 7.5, which is considered high.
How does CVE-2019-9004 affect Eclipse Wakaama?
CVE-2019-9004 affects Eclipse Wakaama 1.0 by causing a memory leak when processing a crafted packet with invalid options.
How can I fix CVE-2019-9004 in Eclipse Wakaama?
To fix CVE-2019-9004 in Eclipse Wakaama, it is recommended to update to the latest version or apply the patch provided by the vendor.
Where can I find more information about CVE-2019-9004?
More information about CVE-2019-9004 can be found at the following link: [https://github.com/eclipse/wakaama/issues/425]
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/references
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/event
- agent/tags
- agent/source
- vendor/eclipse
- canonical/eclipse wakaama
- version/eclipse wakaama/1.0