VYPR
High severity7.5OSV Advisory· Published Dec 18, 2024· Updated Apr 15, 2026

CVE-2024-56318

CVE-2024-56318

Description

In raw\TCP.cpp in Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before 27ca6ec, there is a NULL pointer dereference in TCPBase::ProcessSingleMessage via TCP packets with zero messageSize, leading to denial of service.

Affected products

2
  • SVE_23_03/rc1, SVE_23_03/rc2, SVE_23_09/rc1, …+ 1 more
    • (no CPE)range: SVE_23_03/rc1, SVE_23_03/rc2, SVE_23_09/rc1, …
    • (no CPE)range: <=1.4.0.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.