Out-of-bounds Read Affecting nanopb package, versions [,0.2.9.4)[0.3.9,0.3.9.5)[0.4.0,0.4.1)


Severity

Recommended
0.0
medium
0
10

CVSS assessment made by Snyk's Security Team. Learn more

Threat Intelligence

EPSS
0.3% (69th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-PYTHON-NANOPB-546354
  • published4 Feb 2020
  • disclosed3 Feb 2020
  • creditUnknown

Introduced: 3 Feb 2020

CVE-2020-5235  (opens in a new tab)
CWE-125  (opens in a new tab)

How to fix?

Upgrade nanopb to version 0.2.9.4, 0.3.9.5, 0.4.1 or higher.

Overview

nanopb is a python binding for C package nanopb.

Affected versions of this package are vulnerable to Out-of-bounds Read. It might call free() on a pointer value that comes from uninitialized memory, with the following conditions:

  1. It is compiled with PB_ENABLE_MALLOC
  2. the message to be decoded contains a repeated string, bytes or message field
  3. realloc() runs out of memory when expanding the array

Depending on platform this can result in a crash or further memory corruption, which may be exploitable in some cases.

CVSS Scores

version 3.1