STMicroelectronics X-CUBE-AZRTOS-WL
- 2.0.0
A denial-of-service vulnerability caused by an integer underflow has been identified in the HTTP server's PUT request handling in STMicroelectronics X-CUBE-AZRTOS-WL version 2.0.0. The flaw is in the NetX Duo Component HTTP Server implementation: a sequence of specially crafted network requests triggers the underflow, after which the server keeps accepting and storing request data, which can lead to excessive consumption of file system space.
Successful exploitation consumes all available file system storage, so subsequent normal file operations fail; the result is a denial-of-service condition.
The vulnerability can be reproduced by sending an HTTP PUT request whose 'Content-Length' header declares more data than the first packet actually carries, and then sending additional packets with further data. The server processes those packets as if they belonged to the original request and writes an excessively large file to the file system, consuming all available storage.
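The following is an added illustrative model of the failure mode described above; it is not NetX Duo's code and does not reproduce the actual handler. It assumes a PUT body accumulator that records Content-Length, subtracts what each packet delivers, and writes until the remaining count reaches zero. The packet sizes, the 4 KiB file system capacity and the helper names are constructed for the demonstration. The vulnerable variant performs the unchecked unsigned subtraction; the hardened variant bounds every packet by the bytes still owed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed capacity of the device file system, in bytes (constructed value). */
#define FS_CAPACITY 4096u

typedef struct {
    uint32_t remaining;    /* bytes still expected according to Content-Length */
    uint32_t written;      /* bytes actually appended to the target file       */
    int      fs_exhausted; /* set once written exceeds FS_CAPACITY             */
    int      rejected;     /* set when the hardened path refuses a packet      */
} put_state_t;

static void put_begin(put_state_t *st, uint32_t content_length) {
    memset(st, 0, sizeof *st);
    st->remaining = content_length;
}

/* Vulnerable pattern: unchecked unsigned subtraction. Once a packet carries
 * more bytes than remain, `remaining` wraps to roughly 4 GiB, and every later
 * packet on the connection is treated as part of the same PUT and written out. */
static int put_packet_vulnerable(put_state_t *st, uint32_t pkt_len) {
    if (st->remaining == 0) return 0;            /* PUT already complete */
    st->written   += pkt_len;
    st->remaining -= pkt_len;                    /* BUG: may underflow */
    if (st->written > FS_CAPACITY) st->fs_exhausted = 1;
    return 1;
}

/* Hardened pattern: refuse any packet that exceeds what the header promised
 * and abort the PUT, so nothing beyond Content-Length ever reaches the file. */
static int put_packet_hardened(put_state_t *st, uint32_t pkt_len) {
    if (st->remaining == 0) return 0;
    if (pkt_len > st->remaining) {
        st->rejected  = 1;
        st->remaining = 0;
        return -1;
    }
    st->written   += pkt_len;
    st->remaining -= pkt_len;
    if (st->written > FS_CAPACITY) st->fs_exhausted = 1;
    return 1;
}

typedef int (*put_handler_t)(put_state_t *, uint32_t);

/* Replays the advisory's sequence against one handler: Content-Length larger
 * than the first packet's body, follow-on packets whose total exceeds it, then
 * a stream of 1 KiB chunks that a legitimate client would never send. */
static put_state_t replay(put_handler_t handler) {
    const uint32_t content_length = 100;          /* constructed header value */
    const uint32_t packets[] = { 10, 50, 60 };    /* 60 arrives with 40 owed */
    put_state_t st;
    put_begin(&st, content_length);
    for (size_t i = 0; i < sizeof packets / sizeof packets[0]; i++)
        if (handler(&st, packets[i]) < 0) break;
    for (int i = 0; i < 8; i++)
        if (handler(&st, 1024) <= 0) break;
    return st;
}

/* Accessors so the two outcomes can be compared without printing. */
int      vulnerable_exhausts_fs(void)   { return replay(put_packet_vulnerable).fs_exhausted; }
uint32_t vulnerable_bytes_written(void) { return replay(put_packet_vulnerable).written; }
int      hardened_rejects(void)         { return replay(put_packet_hardened).rejected; }
uint32_t hardened_bytes_written(void)   { return replay(put_packet_hardened).written; }

int main(void) {
    printf("vulnerable: wrote %u bytes, fs exhausted=%d\n",
           vulnerable_bytes_written(), vulnerable_exhausts_fs());
    printf("hardened:   wrote %u bytes, rejected=%d\n",
           hardened_bytes_written(), hardened_rejects());
    return 0;
}
```

In the vulnerable run the third packet drives `remaining` past zero, so the eight trailing chunks are all written and the file grows past the 4 KiB capacity; the hardened run stops at the third packet after 60 bytes and never opens the door to the trailing data.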
As a workaround, developers can disable PUT processing by intercepting the request in the application's request callback and terminating handling there, so the request body is never written to the file system.
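The following is an added example of such a callback; it is not from the page, the SDK or STMicroelectronics. It assumes the NetX Duo HTTP server's `request_notify` callback shape (`UINT fn(NX_HTTP_SERVER *, UINT request_type, CHAR *resource, NX_PACKET *)`), the `NX_HTTP_SERVER_PUT_REQUEST` request-type constant, the `NX_HTTP_CALLBACK_COMPLETED` return code that tells the server the application has finished the request, and `nx_http_server_callback_response_send` for emitting the status line; these names are taken from my reading of `nxd_http_server.h` and should be checked against the SDK copy. The stand-in type and constant definitions at the top exist only so the file builds and runs outside the SDK; in firmware they are replaced by the real header.

```c
#include <stdio.h>
#include <string.h>

#ifndef HAVE_NETXDUO
/* Stand-ins for building outside the SDK (assumed names; placeholder values). */
typedef unsigned int UINT;
typedef char CHAR;
typedef struct NX_HTTP_SERVER_STRUCT { int unused; } NX_HTTP_SERVER;
typedef struct NX_PACKET_STRUCT      { int unused; } NX_PACKET;
#define NX_SUCCESS                  0
#define NX_HTTP_SERVER_GET_REQUEST  1
#define NX_HTTP_SERVER_PUT_REQUEST  4
#define NX_HTTP_CALLBACK_COMPLETED  0xE8

/* Stub that records the status line instead of sending it on the wire. */
static char g_last_header[64];

UINT nx_http_server_callback_response_send(NX_HTTP_SERVER *server_ptr, CHAR *header,
                                           CHAR *information, CHAR *additional_info) {
    (void)server_ptr; (void)information; (void)additional_info;
    strncpy(g_last_header, header, sizeof g_last_header - 1);
    g_last_header[sizeof g_last_header - 1] = '\0';
    return NX_SUCCESS;
}

const char *last_response_header(void) { return g_last_header; }
#else
#include "nxd_http_server.h"
#endif

/* Request callback to pass as the request_notify argument of
 * nx_http_server_create (assumed parameter name). It runs before the server
 * parses or stores the PUT body, so rejecting here means no file is ever
 * opened or written; every other method falls through to normal handling. */
UINT put_blocking_request_notify(NX_HTTP_SERVER *server_ptr, UINT request_type,
                                 CHAR *resource, NX_PACKET *packet_ptr) {
    (void)resource; (void)packet_ptr;
    if (request_type == NX_HTTP_SERVER_PUT_REQUEST) {
        nx_http_server_callback_response_send(server_ptr,
                                              "405 Method Not Allowed",
                                              "PUT is disabled on this device",
                                              NULL);
        return NX_HTTP_CALLBACK_COMPLETED;   /* stop: server does not process the body */
    }
    return NX_SUCCESS;                       /* let the server handle GET/HEAD/etc. */
}

#ifndef HAVE_NETXDUO
int main(void) {
    UINT rc = put_blocking_request_notify(NULL, NX_HTTP_SERVER_PUT_REQUEST, "/fw.bin", NULL);
    printf("PUT -> rc=0x%X, response \"%s\"\n", rc, last_response_header());
    rc = put_blocking_request_notify(NULL, NX_HTTP_SERVER_GET_REQUEST, "/index.html", NULL);
    printf("GET -> rc=0x%X (normal handling)\n", rc);
    return 0;
}
#endif
```

Because the callback answers before any body bytes are consumed, it closes the path the advisory describes regardless of what Content-Length claims; if the device legitimately needs uploads, the same hook can instead enforce authentication and a hard size limit before allowing the PUT to proceed.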