CVE-2024-27099

Azure IoT Platform Device SDK Double Free Vulnerability

CVSS 9.8 CRITICAL · EPSS 1.4% · CWE-415
In short

A bug in Azure's IoT communication library (uAMQP) can cause the program to free the same memory twice when handling certain bad data, potentially allowing an attacker to run malicious code on the affected device.

Technical detail

A double free vulnerability in the uAMQP library's `AMQP_VALUE` error handling, which occurs when processing malformed AMQP protocol messages. An attacker must send specially crafted AMQP frames to trigger the condition, which results in memory corruption and potential remote code execution with the privileges of the affected service.

Summary generated and translated by AI from the official description.
uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect `AMQP_VALUE` failed state, it may cause a double free problem. This may cause an RCE. Update the submodule with commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Azure · azure-uamqp-c
