CVE-2021-45937: 
Homebrew vulnerability analysis and mitigation

A heap-based buffer overflow vulnerability was discovered in wolfSSL wolfMQTT version 1.9, identified as CVE-2021-45937. The vulnerability exists in the MqttClientDecodePacket function, which is called from MqttClientWaitType and MqttClient_Connect functions. The issue was disclosed on December 31, 2021 (NVD).

The vulnerability is classified as a heap-based buffer overflow with a CVSS v3.1 Base Score of 5.5 (Medium). The attack vector is local (AV:L), with low attack complexity (AC:L), requiring no privileges (PR:N) but user interaction (UI:R). The scope is unchanged (S:U), with no impact on confidentiality (C:N) or integrity (I:N), but high impact on availability (A:H). The vulnerability is tracked as CWE-787 (Out-of-bounds Write) (NVD).

The vulnerability affects the availability of the system through a heap-based buffer overflow, which could potentially lead to application crashes or denial of service conditions. There is no reported impact on system confidentiality or integrity (NVD).

The vulnerability has been patched in a subsequent release. The fix was implemented through a commit that addresses the buffer overflow issue in the MqttClient_DecodePacket function (WolfMQTT Patch). Users are advised to upgrade to the patched version.