CVE-2019-9004
HIGHEclipse Wakaama 1.0 - Memory Leak in er-coap-13.c Option Processing
Title source: llmDescription
In Eclipse Wakaama (formerly liblwm2m) 1.0, core/er-coap-13/er-coap-13.c in lwm2mserver in the LWM2M server mishandles invalid options, leading to a memory leak. Processing of a single crafted packet leads to leaking (wasting) 24 bytes of memory. This can lead to termination of the LWM2M server after exhausting all available memory.
References (1)
Core 1
Core References
Exploit, Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://github.com/eclipse/wakaama/issues/425
Scores
CVSS v3
7.5
EPSS
0.0035
EPSS Percentile
57.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-401
Status
published
Products (1)
eclipse/wakaama
1.0
Published
Feb 22, 2019
Tracked Since
Feb 18, 2026