Contiki-NG 缓冲区错误漏洞

Contiki-NG is a Contiki-NG open source operating system for resource-constrained devices in the Internet of Things. A buffer error vulnerability exists in Contiki-NG that originates from a 1-byte out-of-bounds read that may be triggered when sending a packet to a device running the SNMP-enabled...

CVE-2023-50926 Unvalidated DIO prefix info length in RPL-Lite in Contiki-NG

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be caused by an incoming DIO message when using the RPL-Lite implementation in the Contiki-NG operating system. More specifically, the prefix information of the DIO message...

PT-2024-14013 · Unknown · Contiki-Ng

Name of the Vulnerable Software and Affected Versions: Contiki-NG versions prior to 4.9 Description: The issue is caused by insufficient control of the lengths for DIO and DAO messages, particularly when they contain RPL sub-option headers, allowing an attacker to trigger out-of-bounds reads in t...

Contiki-NG Buffer Error Vulnerability

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A buffer error vulnerability exists in Contiki-NG 4.9 and earlier versions, which stems from an out-of-bounds write in the driver for the IEEE 802.15.4 radio...

Contiki-NG Security Vulnerability

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A security vulnerability exists in Contiki-NG tinyDTLS version 2018-08-30 and earlier versions that stems from the fact that an incorrect handshake may be accomplished using different...

Contiki-NG Buffer Error Vulnerability

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. Contiki-NG 4.9 and earlier versions suffer from a buffer error vulnerability that stems from allowing an attacker to inject TCP packets resulting in out-of-bounds buffer reads...

PT-2023-24672 · Unknown · Contiki-Ng

Name of the Vulnerable Software and Affected Versions: Contiki-NG versions prior to 4.9 Description: The issue arises when the Contiki-NG OS processes ICMP DAO packets in the dao input storing function without verifying that the packet buffer is sufficiently large, leading to potential...

CVE-2022-36053 Out-of-bounds read in the uIP buffer module

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The low-power IPv6 network stack of Contiki-NG has a buffer module os/net/ipv6/uipbuf.c that processes IPv6 extension headers in incoming data packets. As part of this processing, the function...

Contiki-NG 缓冲区错误漏洞

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A buffer error vulnerability exists in Contiki-NG versions prior to 4.8, which stems from insufficient validation of the IPv6 Network Neighborhood Discovery option in Contiki-NG, and c...

Contiki-NG 安全漏洞

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A security vulnerability exists in Contiki-NG 4.7 and earlier versions, which stems from a buffer overflow that could be caused when an attacker copies an IPv6 address prefix in the...

CVE-2021-21410

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function uncompresshdriphc does not perform proper boundary chec...

Contiki-NG 缓冲区错误漏洞

Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. An out-of-bounds read vulnerability exists in the 6LoWPAN implementation in Contiki-NG 4.6 and earlier. The vulnerability stems from the IPv6 header decompression function not performing proper boundary...

Contiki-NG 缓冲区错误漏洞

"Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. An out-of-bounds write vulnerability exists in Contiki-NG versions prior to 4.6 when processing 6LoWPAN extension headers. The vulnerability stems from a failure to check whether the written header is...

Contiki-NG buffer overflow vulnerability (CNVD-2020-49538)

Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. A buffer overflow vulnerability exists in Contiki-NG versions 4.4 through 4.5 SNMP agent. The vulnerability stems from a network system or product performing operations on memory witho...

CVE-2020-14936

Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. Functions parsing the OIDs in SNMP requests lack sufficient allocated target-buffer capacity verification when writing parsed OID values. The function snmpoiddecodeoid may overwrite memory areas beyond the provided...

Contiki and Contiki-NG Input Validation Error Vulnerabilities

Contiki is an open source cross-platform operating system for IoT Internet of Things devices.Contiki-NG is an open source cross-platform operating system for the next generation of IoT Internet of Things devices. A security vulnerability exists in Contiki-NG 4.3 and earlier and Contiki 3.0 and...

Contiki and Contiki-NG Buffer Overflow Vulnerabilities

Contiki is an open source cross-platform operating system for IoT Internet of Things devices.Contiki-NG is an open source cross-platform operating system for the next generation of IoT Internet of Things devices. A buffer overflow vulnerability exists in Contiki-NG 4.3 and earlier and Contiki 3.0...

Contiki-NG buffer overflow vulnerability (CNVD-2019-09779)

Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. A buffer overflow vulnerability exists in lvmshiftforoperator in os/storage/antelope/lvm.c in Contiki-NG 4.1 and earlier versions when parsing AQL, which can be exploited by an attacker to cause a denial...

Contiki-NG Buffer Over-Read Vulnerability

Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. A buffer over-read vulnerability exists in lookup in os/storage/antelope/lvm.c in Contiki-NG 4.1 and earlier versions when parsing AQL, which can be exploited by an attacker to cause a denial of service...

CVE-2018-16663

An issue was discovered in Contiki-NG through 4.1. There is a stack-based buffer overflow in parserelations in os/storage/antelope/aql-parser.c while parsing AQL storage of relations...