libcoap Memory Disclosure Vulnerability in OSCORE Configuration Parser

A memory disclosure vulnerability has been identified in libcoap versions prior to 4.3.5-patches. The issue arises in the OSCORE configuration parser, where an out-of-bounds read may occur while parsing certain configuration values. This flaw allows an attacker to read memory beyond the boundaries of strings, potentially leading to information disclosure or a denial-of-service condition.

Impact

Exploitation of this vulnerability could result in unauthorized memory access, allowing for information disclosure or causing the application to crash.

Reproduction

The vulnerability can be reproduced by calling the 'coap_new_oscore_conf()' function with a specially crafted configuration file that includes a boolean parameter value longer than the string 'false'. This will cause the memory read to extend past the expected boundaries, into the '.rodata' section, potentially leading to a crash or unauthorized memory access.

Remediation

Users can upgrade to libcoap version 4.3.5 or later to address this vulnerability.