CVE-2020-17469

Concrete details available: CVE-2020-17469 affects FNET up to version 4.6.4 in the IPv6 fragment reassembly path. The bug is an uninitialized pointer dereference in _fnet_ip6_reassembly (fnet_ip6.c) when handling fragments with holes in a non-empty list, enabling Denial-of-Service. Affects FNET's...

CVE-2020-17469

An issue was discovered in FNET through 4.6.4. The code for IPv6 fragment reassembly tries to access a previous fragment starting from a network incoming fragment that still doesn't have a reference to the previous one which supposedly resides in the reassembly list. When faced with an incoming...

CVE-2020-17468

An issue was discovered in FNET through 4.6.4. The code for processing the hop-by-hop header in the IPv6 extension headers doesn't check for a valid length of an extension header, and therefore an out-of-bounds read can occur in fnetip6extheaderhandleroptions in fnetip6.c, leading to...

CVE-2020-17468

CVE-2020-17468 – FNET : A flaw in FNET up to v4.6.4 in the IPv6 hop-by-hop extension header processing does not validate the extension header length, enabling an out-of-bounds read that can cause Denial-of-Service. Connected sources corroborate the issue as part of AMNESIA:33, affecting FNET’s fn...

CVE-2020-17467

The CVE-2020-17467 issue affects the FNET stack up to version 4.6.4, where hostname processing for LLMNR requests does not terminate with a null character. This can cause the code path in fnet_llmnr_poll to deduce an incorrect hostname length, enabling information disclosure in responses to malic...

CVE-2020-17467

An issue was discovered in FNET through 4.6.4. The code for processing the hostname from an LLMNR request doesn't check for '\0' termination. Therefore, the deduced length of the hostname doesn't reflect the correct length of the actual data. This may lead to Information Disclosure in fnetllmnrpo...

PT-2020-15010 · Fnet · Fnet

Name of the Vulnerable Software and Affected Versions: FNET versions through 4.6.4 Description: An issue was discovered in the code for processing the hop-by-hop header in the IPv6 extension headers. The code does not check for a valid length of an extension header, which can lead to an...

PT-2020-15721 · Fnet · Fnet

Name of the Vulnerable Software and Affected Versions: FNET versions through 4.6.4 Description: An issue was discovered in the code for processing resource records in mDNS queries, which doesn't check for proper '0' termination of the resource record name string, leading to an out-of-bounds read,...

PT-2020-15009 · Fnet · Fnet

Name of the Vulnerable Software and Affected Versions: FNET versions through 4.6.4 Description: An issue was discovered in the code for processing the hostname from an LLMNR request, which doesn't check for '0' termination. This may lead to Information Disclosure in fnet llmnr poll in fnet llmnr....

PT-2020-15011 · Fnet · Fnet

Name of the Vulnerable Software and Affected Versions: FNET versions through 4.6.4 Description: An issue in the IPv6 fragment reassembly code causes an uninitialized pointer dereference in the fnet ip6 reassembly function in fnet ip6.c, leading to a Denial-of-Service. This occurs when the code...

FNET Buffer Error Vulnerability

FNET is a soft armor from the FNET organization that provides dual TCP / IPv4 and IPv6 stack support for 32-bit MCUs. FNET suffers from a buffer error vulnerability that stems from a function that handles IPv6 hop-by-hop extension headers not checking the validity of their option lengths, allowin...

FNET Buffer Error Vulnerability

FNET is a soft armor from the FNET organization that provides dual TCP / IPv4 and IPv6 stack support for 32-bit MCUs. FNET suffers from a buffer error vulnerability that stems from parsing incoming DNS packets without checking if the domain name is null terminated. This could allow an attacker to...

FNET Buffer Error Vulnerability

FNET is a soft armor from the FNET organization that provides dual TCP / IPv4 and IPv6 stack support for 32-bit MCUs. A buffer error vulnerability exists in FNET's IPv6 packet reorganization feature that stems from the fact that FNET does not check to see if the fragments are received correctly...

FNET Buffer Error Vulnerability

FNET is a soft armor from the FNET organization that provides dual TCP / IPv4 and IPv6 stack support for 32-bit MCUs. FNET suffers from a buffer error vulnerability that stems from resolving link-local multicast name resolution LLMNR requests without checking if the domain name terminates with...