CVE-2024-31031

An issue in coap_pdu.c in libcoap 4.3.4 allows attackers to cause undefined behavior via a sequence of messages leading to unsigned integer overflow.

Published: Apr 17, 2024
Updated: Nov 5, 2025
CVE: CVE-2024-31031
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

CWE-190

Affected Software
References

Software	From	Fixed in
libcoap / libcoap	4.3.4	4.3.4.x
fedoraproject / fedora	39	39.x
fedoraproject / fedora	40	40.x

https://github.com/obgm/libcoap/issues/1351
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LPENEJBV3KSASIYKNZAKXDAH7Q66KPYG/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TUL7QDYFGEIJVO2ZSG4O5HEAWR6PFC52/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LPENEJBV3KSASIYKNZAKXDAH7Q66KPYG/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUL7QDYFGEIJVO2ZSG4O5HEAWR6PFC52/

Vulnerability Database

CVE-2024-31031

Deep Security Visibility Without the Complexity