Impact
uAMQP is a C library for AMQP 1.0 communication with Azure cloud services. The Azure IoT C SDK uses it for communication between IoT Hub and IoT Hub devices when AMQP is the preferred transport to the hub service.
The vulnerability is a double free: while handling an incorrect “AMQP_VALUE” failed state, the uAMQP library attempts to free the same memory location twice, which may lead to remote code execution. The failed state is reached when a memory allocation fails, usually because the device is low on memory.
Requirements for RCE:
- A compromised Azure account that allows malformed payloads to be sent to the device via the IoT Hub service
- A low-memory condition on the device that makes a memory allocation fail
- The ability to overwrite code space with attacker-controlled code
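The bug class behind this advisory, a cleanup path that frees a buffer and then a second, outer cleanup frees it again once an allocation has failed, is easy to reproduce deterministically with fault injection. The following C program is an added illustration written for this page; it is not uAMQP's code, and the types (`value_t`), helpers (`fill_bytes_buggy`, `fill_bytes_fixed`, `build_value_*`) and the instrumented allocator are all hypothetical. It pairs a buggy helper that publishes a pointer before it is fully initialised and frees it on its own error path, with a fixed variant that only publishes the buffer once every allocation has succeeded, so the caller's single cleanup is the only owner.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Instrumented allocator (hypothetical test harness): every block is recorded and a
 * second free of the same block is counted instead of being passed to the heap, so the
 * double free is observable rather than undefined behaviour. The Nth allocation can be
 * made to fail to simulate a low-memory event. */
#define MAX_BLOCKS 16
static void *g_blocks[MAX_BLOCKS];
static int   g_live[MAX_BLOCKS];
static int   g_double_frees;
static int   g_alloc_count;
static int   g_fail_alloc_no;   /* 0 = never fail; N = the Nth t_malloc returns NULL */

static void trace_reset(void) {
    memset(g_blocks, 0, sizeof g_blocks);
    memset(g_live, 0, sizeof g_live);
    g_double_frees = g_alloc_count = g_fail_alloc_no = 0;
}

static void *t_malloc(size_t n) {
    if (++g_alloc_count == g_fail_alloc_no) return NULL;   /* injected failure */
    void *p = malloc(n);
    if (p == NULL) return NULL;
    int slot = -1;
    for (int i = 0; i < MAX_BLOCKS; i++) {
        if (g_blocks[i] == p) g_blocks[i] = NULL;           /* address reused: drop stale record */
        if (slot < 0 && g_blocks[i] == NULL) slot = i;
    }
    if (slot < 0) { free(p); return NULL; }
    g_blocks[slot] = p; g_live[slot] = 1;
    return p;
}

static void t_free(void *p) {
    if (p == NULL) return;
    for (int i = 0; i < MAX_BLOCKS; i++)
        if (g_blocks[i] == p && g_live[i]) { g_live[i] = 0; free(p); return; }
    for (int i = 0; i < MAX_BLOCKS; i++)
        if (g_blocks[i] == p && !g_live[i]) { g_double_frees++; return; }   /* second free */
    free(p);   /* untracked pointer: pass through */
}

/* Hypothetical composite value: a tag plus an owned byte buffer. */
typedef struct { int tag; unsigned char *bytes; size_t len; } value_t;

/* Buggy: stores the buffer in the struct immediately, then frees it on the error path
 * of a later allocation without clearing the field, so the caller's cleanup frees it again. */
static int fill_bytes_buggy(value_t *v, const unsigned char *src, size_t len) {
    v->bytes = t_malloc(len);
    if (v->bytes == NULL) return -1;
    memcpy(v->bytes, src, len);
    unsigned char *extra = t_malloc(len * 2);   /* e.g. a nested value */
    if (extra == NULL) {
        t_free(v->bytes);                       /* freed here ... */
        return -1;                              /* ... but v->bytes still points at it */
    }
    t_free(extra);
    return 0;
}

/* Fixed: work on a local pointer and publish it only on full success; on failure the
 * struct is untouched and the caller's single cleanup sees NULL. */
static int fill_bytes_fixed(value_t *v, const unsigned char *src, size_t len) {
    unsigned char *buf = t_malloc(len);
    if (buf == NULL) return -1;
    memcpy(buf, src, len);
    unsigned char *extra = t_malloc(len * 2);
    if (extra == NULL) { t_free(buf); return -1; }
    t_free(extra);
    v->bytes = buf;
    return 0;
}

static void destroy_value(value_t *v) { t_free(v->bytes); v->bytes = NULL; }

/* Drive one build/cleanup cycle and return how many double frees were observed.
 * fail_second_alloc = 1 simulates the low-memory condition hitting the nested allocation. */
static int run_cycle(int (*fill)(value_t *, const unsigned char *, size_t), int fail_second_alloc) {
    static const unsigned char sample[] = "constructed sample payload";   /* constructed input */
    trace_reset();
    g_fail_alloc_no = fail_second_alloc ? 2 : 0;
    value_t v = { 1, NULL, sizeof sample };
    fill(&v, sample, sizeof sample);   /* success or failure, the caller always cleans up */
    destroy_value(&v);
    return g_double_frees;
}
static int build_value_buggy(int fail_second_alloc) { return run_cycle(fill_bytes_buggy, fail_second_alloc); }
static int build_value_fixed(int fail_second_alloc) { return run_cycle(fill_bytes_fixed, fail_second_alloc); }

int main(void) {
    printf("buggy, allocation fails:  %d double free(s)\n", build_value_buggy(1));
    printf("buggy, allocations ok:    %d double free(s)\n", build_value_buggy(0));
    printf("fixed, allocation fails:  %d double free(s)\n", build_value_fixed(1));
    return 0;
}
```

Without the injected failure both variants behave identically, which is why this kind of defect survives normal testing: it only shows up when the second allocation fails. A real heap would not count the second free but would corrupt its metadata, which is the memory-safety failure the advisory says may become RCE; running the buggy variant with plain `free` under AddressSanitizer reports it as a double-free.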
Patches
Update submodule with commit 2ca42b6
Workarounds
None