libcoap Stack-Based Buffer Overflow Vulnerability in Address Resolution Allowing Denial-of-Service or Potential Remote Code Execution

Vulnerability

A stack-based buffer overflow has been identified in libcoap versions through 4.3.5, prior to commit 30db3ea. The defect lies in the address resolution code path, where attacker-controlled hostname data is copied into a fixed 256-byte stack buffer without adequate bounds checking. A remote attacker can trigger it to crash the process and, depending on compiler options and runtime memory protections, possibly achieve remote code execution. Exploitation requires proxy support to be enabled in the application using libcoap, since the vulnerable copy sits on the proxy request handling code path.
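As an added illustration (not libcoap's code and not the fix in commit 30db3ea), the C sketch below shows the pattern the advisory describes and the check that closes it: a host component parsed from a proxy URI is copied into a fixed 256-byte stack buffer, and the hardened path verifies the length against the buffer (terminator included) before writing a single byte. The function names, the URI format and the constructed oversize host are assumptions made for the example; only the 256-byte buffer size comes from the advisory.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Size of the fixed stack buffer named in the advisory. */
#define HOST_BUF_LEN 256

enum { HOST_OK = 0, HOST_TOO_LONG = -1, HOST_INVALID = -2 };

/*
 * Shape of the defect (illustrative sketch, never called here):
 *
 *   static void resolve_host_unchecked(const char *host, size_t host_len) {
 *       char name[HOST_BUF_LEN];
 *       memcpy(name, host, host_len);   // no bound: host_len >= 256 overruns name
 *       name[host_len] = '\0';
 *   }
 */

/* Locate the host component of a proxy URI such as "coap://host:5683/path".
 * Sets *host/*host_len (not NUL-terminated) and returns HOST_OK, or HOST_INVALID.
 * Hypothetical helper, not libcoap's URI parser. */
int host_from_proxy_uri(const char *uri, const char **host, size_t *host_len) {
    const char *p = uri ? strstr(uri, "://") : NULL;
    if (p == NULL) return HOST_INVALID;
    p += 3;
    size_t n = strcspn(p, ":/");   /* host ends at port separator, path, or end */
    if (n == 0) return HOST_INVALID;
    *host = p;
    *host_len = n;
    return HOST_OK;
}

/* Hardened copy: the length is checked against the buffer, with room for the
 * terminator, before any byte is written; oversize input is rejected. */
int resolve_host_checked(const char *host, size_t host_len, size_t *copied_len) {
    char name[HOST_BUF_LEN];
    if (host == NULL || host_len == 0) return HOST_INVALID;
    if (host_len > sizeof(name) - 1) return HOST_TOO_LONG;
    memcpy(name, host, host_len);
    name[host_len] = '\0';
    /* A real implementation would hand `name` to getaddrinfo() here. */
    if (copied_len) *copied_len = strlen(name);
    return HOST_OK;
}

/* Parse the proxy URI, then resolve its host through the checked path. */
int resolve_proxy_uri(const char *uri, size_t *copied_len) {
    const char *host;
    size_t host_len;
    int rc = host_from_proxy_uri(uri, &host, &host_len);
    if (rc != HOST_OK) return rc;
    return resolve_host_checked(host, host_len, copied_len);
}

/* Constructed test input: "coap://" followed by host_len 'a' bytes and "/". */
int build_long_uri(char *buf, size_t buf_len, size_t host_len) {
    const char *prefix = "coap://", *suffix = "/";
    size_t off = 0;
    if (buf_len < strlen(prefix) + host_len + strlen(suffix) + 1) return -1;
    memcpy(buf + off, prefix, strlen(prefix)); off += strlen(prefix);
    memset(buf + off, 'a', host_len);          off += host_len;
    memcpy(buf + off, suffix, strlen(suffix)); off += strlen(suffix);
    buf[off] = '\0';
    return 0;
}

/* Run a constructed URI with a host of host_len bytes through the checked path
 * and return the resolver's status code. */
int check_host_len(size_t host_len) {
    char uri[1024];
    if (build_long_uri(uri, sizeof uri, host_len) != 0) return HOST_INVALID;
    return resolve_proxy_uri(uri, NULL);
}

int main(void) {
    printf("255-byte host: rc=%d (HOST_OK expected)\n", check_host_len(255));
    printf("256-byte host: rc=%d (HOST_TOO_LONG expected)\n", check_host_len(256));
    return 0;
}
```

The boundary is the point worth noting: a 255-byte host is the longest that fits a 256-byte buffer with its terminator, so the check is `host_len > sizeof(name) - 1`, not `host_len > sizeof(name)`; an off-by-one there would still let a 256-byte host write the terminator one byte past the buffer.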

Impact

Exploitation of this vulnerability causes a stack-based buffer overflow that crashes the process (denial of service) and, depending on the environment, may allow remote code execution.

Remediation

Users can upgrade to libcoap version 4.3.5 or later to address this vulnerability.

Added: Dec 31, 2025, 7:18 PM
Updated: Dec 31, 2025, 8:52 PM

Vulnerability Rating

Custom Algorithm

  spread          0.0
  impact         10.0
  exploitability  6.9
  remediation     0.0
  relevance       1.7
  threat          3.2
  urgency         2.9
  incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.