CVE-2024-56319: In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before e3277eb, unlimited user label appends in a userlabel cluster can lead to a...

Description

In Matter (aka connectedhomeip or Project CHIP) through 1.4.0.0 before e3277eb, unlimited user label appends in a userlabel cluster can lead to a denial of service (resource exhaustion).

Classification

CVE ID: CVE-2024-56319

Affected Products

Vendor: Matter

Product: Matter

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 17.83% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://github.com/project-chip/connectedhomeip/issues/36760
https://github.com/project-chip/connectedhomeip/pull/36843
https://github.com/project-chip/connectedhomeip/commit/e3277eb02ed8115de5887e8beca0e35007ba71f3

Timeline