CVE-2024-56318
- Source
- https://cve.org/CVERecord?id=CVE-2024-56318
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56318.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-56318
- Published
- 2024-12-18T23:15:18.213Z
- Modified
- 2025-11-16T08:42:10.504691Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In raw\TCP.cpp in Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before 27ca6ec, there is a NULL pointer dereference in TCPBase::ProcessSingleMessage via TCP packets with zero messageSize, leading to denial of service.
- References
Affected packages
Git / github.com/project-chip/connectedhomeip
Affected ranges
- Type
- GIT
- Repo
- https://github.com/project-chip/connectedhomeip
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
SVE_23_03/rc1
SVE_23_03/rc2
SVE_23_09/rc1
TE8/rc1
TE8/rc2
TE8/rc3
TE9
TE_23_02/rc1
TE_23_02/rc2
TE_24_01/rc1
test_event_1_2012_03_05
test_event_2_2012_04_19
test_event_2_2012_04_21
test_event_2_2012_04_22
test_event_3_2012_04_21
test_event_3_2021_06_01
test_event_3_2021_06_03
test_event_4_2021_07_06
v2021_01_27-alpha
v2021_02_02-alpha
v2021_02_10-alpha
TH-Matter-1.*
TH-Matter-1.2
V1.*
V1.0.0.1
v1.*
v1.0.0.2
v1.1.0.0
v1.1.0.1
v1.2.0.0
v1.2.0.1
v1.3.0.0
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-56318.json"
vanir_signatures
[
{
"digest": {
"function_hash": "85220886980676574357238494970079594571",
"length": 980.0
},
"id": "CVE-2024-56318-405ebd2d",
"signature_type": "Function",
"source": "https://github.com/project-chip/connectedhomeip/commit/27ca6ec255b78168e04bd71e0f1a473869cf144b",
"target": {
"function": "TCPBase::ProcessReceivedBuffer",
"file": "src/transport/raw/TCP.cpp"
},
"deprecated": false,
"signature_version": "v1"
},
{
"digest": {
"line_hashes": [
"210761545519706400408137987399302026381",
"85432303657173421065130128341709707335",
"200059086190491803262042164468836884029",
"203139231044900653528683243837066665196",
"84249658389931379939873403952346462488"
],
"threshold": 0.9
},
"id": "CVE-2024-56318-454b434d",
"signature_type": "Line",
"source": "https://github.com/project-chip/connectedhomeip/commit/27ca6ec255b78168e04bd71e0f1a473869cf144b",
"target": {
"file": "src/transport/raw/TCP.cpp"
},
"deprecated": false,
"signature_version": "v1"
},
{
"digest": {
"function_hash": "32421412006064019657759625627430524861",
"length": 2892.0
},
"id": "CVE-2024-56318-8b5ab053",
"signature_type": "Function",
"source": "https://github.com/project-chip/connectedhomeip/commit/27ca6ec255b78168e04bd71e0f1a473869cf144b",
"target": {
"function": "TEST_F",
"file": "src/transport/raw/tests/TestTCP.cpp"
},
"deprecated": false,
"signature_version": "v1"
},
{
"digest": {
"line_hashes": [
"47819698538720653010622050840099369968",
"222490919017585772226886837674454426908",
"205702324348180279449294341254835502813",
"284460173325911301627705031459474834280",
"46482670514995860642047455801431461489",
"74012079602100009564775186880153179952",
"233971349962816170516743296921899127447"
],
"threshold": 0.9
},
"id": "CVE-2024-56318-c533d0a4",
"signature_type": "Line",
"source": "https://github.com/project-chip/connectedhomeip/commit/27ca6ec255b78168e04bd71e0f1a473869cf144b",
"target": {
"file": "src/transport/raw/tests/TestTCP.cpp"
},
"deprecated": false,
"signature_version": "v1"
}
]