{"id":"CVE-2024-41125","summary":"Out-of-bounds read in SNMP when decoding a string in Contiki-NG","details":"Contiki-NG is an open-source, cross-platform operating system for IoT devices. An out-of-bounds read of 1 byte can be triggered when sending a packet to a device running the Contiki-NG operating system with SNMP enabled. The SNMP module is disabled in the default Contiki-NG configuration. The vulnerability exists in the os/net/app-layer/snmp/snmp-ber.c module, where the function snmp_ber_decode_string_len_buffer decodes the string length from a received SNMP packet. In one place, one byte is read from the buffer, without checking that the buffer has another byte available, leading to a possible out-of-bounds read. The problem has been patched in Contiki-NG pull request #2936. It will be included in the next release of Contiki-NG. Users are advised to apply the patch manually or to wait for the next release. A workaround is to disable the SNMP module in the Contiki-NG build configuration.","aliases":["GHSA-qjj3-gqx7-438w"],"modified":"2026-04-10T05:16:37.853313Z","published":"2024-11-27T18:20:45.613Z","database_specific":{"cwe_ids":["CWE-125"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/41xxx/CVE-2024-41125.json","cna_assigner":"GitHub_M"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/41xxx/CVE-2024-41125.json"},{"type":"ADVISORY","url":"https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-qjj3-gqx7-438w"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41125"},{"type":"FIX","url":"https://github.com/contiki-ng/contiki-ng/pull/2936"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/contiki-ng/contiki-ng","events":[{"introduced":"0"},{"last_affected":"c20b12cd2db707d6c07918f8b26cfeb52cf298ca"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.9"}]}}],"versions":["2.0","2.1","2.2","2.2.1","2.2.2","2.2.3","2.3","2.4","2.5-release","2.6","2.6-rc0","develop/v3.x-fork","develop/v4.0","fork","old/v2.0","old/v2.1","old/v2.2","old/v2.2.1","old/v2.2.2","old/v2.2.3","old/v2.3","old/v2.4","old/v2.6","release/v4.0","release/v4.1","release/v4.2","release/v4.3","release/v4.4","release/v4.5","release/v4.6","release/v4.7","release/v4.8","release/v4.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-41125.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"}]}
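The defect the advisory describes (the tag byte is bounds-checked, the first length octet is not) is a generic BER length-decoding mistake, so it is worth seeing beside its fix. The C below is an added example written for this page, not Contiki-NG's snmp-ber.c, and every name in it (ber_reader_t, ber_rd, ber_parse_len, the demo_* functions) is hypothetical. It decodes an OCTET STRING header in the unchecked and the checked form; a small instrumentation hook records every offset read so the out-of-bounds read is observable. The truncated sample packet is constructed with sentinel bytes after it so that the stray read stays inside the array here; on a device it would read whatever follows the packet buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Added example, not Contiki-NG code. All names below are hypothetical. */

#define BER_TAG_OCTET_STRING 0x04
#define BER_MAX_LEN_OCTETS   4   /* assumption: lengths wider than 32 bits are rejected */

typedef struct {
    const uint8_t *buf;      /* start of the unread part of the packet   */
    size_t len;              /* bytes available from buf                  */
    size_t max_offset_read;  /* instrumentation: highest offset read      */
    int    read_past_end;    /* instrumentation: set if any read hit >= len */
} ber_reader_t;

/* Every byte read goes through here so a test can detect out-of-bounds reads. */
static uint8_t ber_rd(ber_reader_t *r, size_t off)
{
    if (off >= r->len) r->read_past_end = 1;
    if (off > r->max_offset_read) r->max_offset_read = off;
    return r->buf[off];
}

/* Decode the length octets given the first one (at offset 1, after the tag).
 * Returns the header size (tag + length octets) or 0 on malformed input. */
static size_t ber_parse_len(ber_reader_t *r, uint8_t first, uint32_t *out)
{
    if (first < 0x80) {                 /* short form: the octet is the length */
        *out = first;
        return 2;
    }
    unsigned n = first & 0x7f;          /* long form: n more octets, big-endian */
    if (n == 0 || n > BER_MAX_LEN_OCTETS)    /* indefinite form or too wide     */
        return 0;
    if (r->len < 2 + (size_t)n)         /* all n octets must lie in the packet  */
        return 0;
    uint32_t v = 0;
    for (unsigned i = 0; i < n; i++)
        v = (v << 8) | ber_rd(r, 2 + i);
    *out = v;
    return 2 + n;
}

/* Shared tail: reject a header or a string body that does not fit, then advance. */
static int ber_finish_string_len(ber_reader_t *r, uint8_t first, uint32_t *len)
{
    size_t hdr = ber_parse_len(r, first, len);
    if (hdr == 0 || hdr > r->len || *len > r->len - hdr)
        return 0;
    r->buf += hdr;
    r->len -= hdr;
    return 1;
}

/* Vulnerable form: the tag is checked, the first length octet is not (CWE-125). */
static int ber_decode_string_len_unchecked(ber_reader_t *r, uint32_t *len)
{
    if (r->len < 1 || ber_rd(r, 0) != BER_TAG_OCTET_STRING)
        return 0;
    /* BUG: reads offset 1 without confirming r->len >= 2 */
    return ber_finish_string_len(r, ber_rd(r, 1), len);
}

/* Hardened form: require tag plus at least one length octet before reading. */
static int ber_decode_string_len_checked(ber_reader_t *r, uint32_t *len)
{
    if (r->len < 2 || ber_rd(r, 0) != BER_TAG_OCTET_STRING)
        return 0;
    return ber_finish_string_len(r, ber_rd(r, 1), len);
}

/* Constructed sample: a packet consisting of only the tag byte. The 0x7f bytes
 * after it are sentinels that keep the stray read inside this array. */
static const uint8_t truncated_storage[4] = { BER_TAG_OCTET_STRING, 0x7f, 0x7f, 0x7f };

int demo_unchecked_reads_past_end(void)      /* 1 if the bug was triggered */
{
    ber_reader_t r = { truncated_storage, 1, 0, 0 };
    uint32_t n = 0;
    int ok = ber_decode_string_len_unchecked(&r, &n);
    return ok == 0 && r.read_past_end == 1;
}

int demo_checked_stays_in_bounds(void)       /* 1 if no read left the packet */
{
    ber_reader_t r = { truncated_storage, 1, 0, 0 };
    uint32_t n = 0;
    int ok = ber_decode_string_len_checked(&r, &n);
    return ok == 0 && r.read_past_end == 0 && r.max_offset_read == 0;
}

long demo_long_form_length(void)             /* decoded length, or -1 on error */
{
    static const uint8_t pkt[] = { 0x04, 0x81, 0x05, 1, 2, 3, 4, 5 };  /* constructed */
    ber_reader_t r = { pkt, sizeof pkt, 0, 0 };
    uint32_t n = 0;
    if (!ber_decode_string_len_checked(&r, &n) || r.len != n || r.buf[0] != 1)
        return -1;
    return (long)n;
}

int demo_rejects_overlong_length(void)       /* 1 if a body longer than the packet is refused */
{
    static const uint8_t pkt[] = { 0x04, 0x06, 1, 2, 3 };  /* constructed: claims 6, has 3 */
    ber_reader_t r = { pkt, sizeof pkt, 0, 0 };
    uint32_t n = 0;
    return ber_decode_string_len_checked(&r, &n) == 0;
}

int main(void)
{
    printf("unchecked read past end: %d\n", demo_unchecked_reads_past_end());
    printf("checked stayed in bounds: %d\n", demo_checked_stays_in_bounds());
    printf("long-form length: %ld\n", demo_long_form_length());
    printf("over-long body rejected: %d\n", demo_rejects_overlong_length());
    return 0;
}
```

The fix is the single `r->len < 2` test before the first length octet is touched, which is the shape of check the advisory says was missing in one place. The same discipline has to hold for every later read too: the long-form octets are only read after `r->len < 2 + n` is ruled out, and the claimed string length is compared against what remains before the caller is allowed to use it, otherwise the one-byte over-read is simply replaced by a larger one further down the parser.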