Memory Leak Vulnerability in Eclipse Wakaama (formerly liblwm2m) 1.0

Memory Leak Vulnerability in Eclipse Wakaama (formerly liblwm2m) 1.0

CVE-2019-9004 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

In Eclipse Wakaama (formerly liblwm2m) 1.0, core/er-coap-13/er-coap-13.c in lwm2mserver in the LWM2M server mishandles invalid options, leading to a memory leak. Processing of a single crafted packet leads to leaking (wasting) 24 bytes of memory. This can lead to termination of the LWM2M server after exhausting all available memory.

Learn more about our Cis Benchmark Audit For Server Software.