High severity7.5OSV Advisory· Published Dec 18, 2024· Updated Apr 15, 2026
CVE-2024-56318
CVE-2024-56318
Description
In raw\TCP.cpp in Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before 27ca6ec, there is a NULL pointer dereference in TCPBase::ProcessSingleMessage via TCP packets with zero messageSize, leading to denial of service.
Affected products
2SVE_23_03/rc1, SVE_23_03/rc2, SVE_23_09/rc1, …+ 1 more
- (no CPE)range: SVE_23_03/rc1, SVE_23_03/rc2, SVE_23_09/rc1, …
- (no CPE)range: <=1.4.0.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.