CVE-2024-42484

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-42484

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-42484.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-42484

Aliases

GHSA-q6f6-4qc5-vhx5

Published

2024-09-12T14:12:13.174Z

Modified

2025-12-05T05:58:00.156712Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L CVSS Calculator

Summary

ESP-NOW OOB Vulnerability In Group Type Message

Details

ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An Out-of-Bound (OOB) vulnerability was discovered in the implementation of the ESP-NOW group type message because there is no check for the addrsnum field of the group type message. This can result in memory corruption related attacks. Normally there are two fields in the group information that need to be checked, i.e., the addrsnum field and the addrslist fileld. Since we only checked the addrslist field, an attacker can send a group type message with an invalid addrs_num field, which will cause the message handled by the firmware to be much larger than the current buffer, thus causing a memory corruption issue that goes beyond the payload length.

Database specific

{
    "cwe_ids": [
        "CWE-125"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42484.json"
}

References

Affected packages

Git / github.com/espressif/esp-now

Affected ranges

Type: GIT
Repo: https://github.com/espressif/esp-now
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

b03a1b4593713fa4bf0038a87edca01f10114a7a

Affected versions

v1.*

v1.0

v1.0-beta1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-42484.json"

vanir_signatures

[
    {
        "signature_type": "Line",
        "signature_version": "v1",
        "source": "https://github.com/espressif/esp-now/commit/b03a1b4593713fa4bf0038a87edca01f10114a7a",
        "digest": {
            "line_hashes": [
                "160030152343964531518460612749256035361",
                "157036498779177773506696224074431084838",
                "285303301481686724660312132864518158260",
                "302933867413239757197032712644742086395",
                "78906203660382196090616099555614087389",
                "178294395923776589299858066677399948265",
                "289146791555961114400622824804476210018",
                "275223600873215869966083029684036478252",
                "251436229404630025883971023096550140302",
                "280215613961152411703457900650267166290",
                "25224555856242861052380678897197222236",
                "56312714574793434218646694196155310792",
                "273764038953769477912013910440682255203",
                "47197361825224031639977846771676558227",
                "150740626906744676032254824222384801761",
                "101877214547795292567928198844864043549",
                "145339471468839692808015114489496377828"
            ],
            "threshold": 0.9
        },
        "id": "CVE-2024-42484-7436b767",
        "deprecated": false,
        "target": {
            "file": "src/espnow/src/espnow.c"
        }
    }
]