Description

libosdp is an implementation of IEC 60839-11-5 OSDP (Open Supervised Device Protocol) and provides a C library with support for C++, Rust and Python3. At ospd_common.c, on the osdp_reply_name function, any reply id between REPLY_ACK and REPLY_XRD is valid, but names array do not declare all of the range. On a case of an undefined reply id within the range, name will be null (name = names[reply_id - REPLY_ACK];). Null name will casue a crash on next line: if (name[0] == '\0') as null[0] is invalid. As this logic is not limited to a secure connection, attacker may trigger this vulnerability without any prior knowledge. This issue is fixed in 2.4.0.

INFO

Published Date :

2024-11-12T15:58:28.434Z

Last Modified :

2024-11-19T17:01:59.287Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-52296 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-52296.

URL Resource
https://github.com/goToMain/libosdp/commit/24409e98a260176765956ec766a04cb35984fab1 cve-icon cve-icon
https://github.com/goToMain/libosdp/security/advisories/GHSA-7945-5mcv-f2pp cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact