dqp10515/CVE-2024-40494 Secret

## CVE-2024-40494
 [Suggested description]
 Buffer Overflow in coap_msg.c in FreeCoAP allows remote attackers to
 execute arbitrary code or cause a denial of service (stack buffer
 overflow) via a crafted packet.

 ------------------------------------------

 [Vulnerability Type]
 Buffer Overflow

 ------------------------------------------

 [Vendor of Product]
 https://github.com/keith-cullen/FreeCoAP

 ------------------------------------------

 [Affected Product Code Base]
 An implementation of a CoAP client, a CoAP server and a HTTP/CoAP proxy with full DTLS support.    https://github.com/keith-cullen/FreeCoAP - v0.7

 ------------------------------------------

 [Affected Component]
 coap_msg.c, coap_msg_parse_ops function, coap_msg_parse function, coap_server_trans_recv function, coap_server_exchange function, coap_server_run function (issue details: https://github.com/dqp10515/security/tree/main/FreeCoAP_bug)

 ------------------------------------------

 [Attack Type]
 Remote

 ------------------------------------------

 [Impact Code execution]
 true

 ------------------------------------------

 [Attack Vectors]
 To exploit the vulnerability, an attacker must send a specially crafted packet to the CoAP server. Detailed steps to reproduce the issue can be found in the    Reproduce Info    section of the following link: https://github.com/dqp10515/security/tree/main/FreeCoAP_bug

 ------------------------------------------

 [Reference]
 https://github.com/dqp10515/security/tree/main/FreeCoAP_bug

 ------------------------------------------

 [Discoverer]
 wingtecher
	[Suggested description]
	Buffer Overflow in coap_msg.c in FreeCoAP allows remote attackers to
	execute arbitrary code or cause a denial of service (stack buffer
	overflow) via a crafted packet.

	------------------------------------------

	[Vulnerability Type]
	Buffer Overflow

	------------------------------------------

	[Vendor of Product]
	https://github.com/keith-cullen/FreeCoAP

	------------------------------------------

	[Affected Product Code Base]
	An implementation of a CoAP client, a CoAP server and a HTTP/CoAP proxy with full DTLS support. https://github.com/keith-cullen/FreeCoAP - v0.7

	------------------------------------------

	[Affected Component]
	coap_msg.c, coap_msg_parse_ops function, coap_msg_parse function, coap_server_trans_recv function, coap_server_exchange function, coap_server_run function (issue details: https://github.com/dqp10515/security/tree/main/FreeCoAP_bug)

	------------------------------------------

	[Attack Type]
	Remote

	------------------------------------------

	[Impact Code execution]
	true

	------------------------------------------

	[Attack Vectors]
	To exploit the vulnerability, an attacker must send a specially crafted packet to the CoAP server. Detailed steps to reproduce the issue can be found in the Reproduce Info section of the following link: https://github.com/dqp10515/security/tree/main/FreeCoAP_bug

	------------------------------------------

	[Reference]
	https://github.com/dqp10515/security/tree/main/FreeCoAP_bug

	------------------------------------------

	[Discoverer]
	wingtecher