213 matches found
CVE-2023-24826 Usage of Uninitialized Timer during forwarding of Fragments with SFR
RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send crafted frames to the device to trigger the usage of an uninitialized object leading to denial of service. This issu...
CVE-2023-24826
CVE-2023-24826 affects RIOT-OS on IoT devices with its 6LoWPAN-capable network stack. Before version 2023.04, an attacker can send crafted frames that trigger the use of an uninitialized object, causing a denial of service. The issue is fixed in version 2023.04. A workaround is to disable fragmen...
CVE-2023-24826 Usage of Uninitialized Timer during forwarding of Fragments with SFR
RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send crafted frames to the device to trigger the usage of an uninitialized object leading to denial of service. This issu...
CVE-2023-24825
RIOT-OS’s 6LoWPAN frame handling in the GNRC network stack is vulnerable to a NULL pointer dereference when processing crafted frames. This affects versions prior to 2023.04 and can lead to denial of service. The issue is fixed in version 2023.04; there are no known workarounds. Upgrade to 2023.0...
CVE-2023-24825 RIOT-OS vulnerable to NULL pointer dereference in gnrc_pktbuf_mark
RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device to trigger a NULL pointer dereference leading to denial of service. This issue is fixe...
CVE-2023-24825 RIOT-OS vulnerable to NULL pointer dereference in gnrc_pktbuf_mark
RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device to trigger a NULL pointer dereference leading to denial of service. This issue is fixe...
CVE-2023-24817
CVE-2023-24817 affects RIOT-OS, specifically the 6LoWPAN processing in its network stack. A crafted 6LoWPAN frame sent to affected devices prior to version 2023.04 can trigger an integer underflow and out-of-bounds access in the packet buffer, potentially corrupting other packets or allocator met...
CVE-2023-24817 RIOT-OS vulnerable to Out of Bounds write in routing with SRH
RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device resulting in an integer underflow and out of bounds access in the packet buffer...
CVE-2023-24817 RIOT-OS vulnerable to Out of Bounds write in routing with SRH
RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device resulting in an integer underflow and out of bounds access in the packet buffer...
CVE-2023-24817 RIOT-OS vulnerable to Out of Bounds write in routing with SRH
RIOT-OS, an operating system for Internet of Things IoT devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device resulting in an integer underflow and out of bounds access in the packet buffer...
PT-2023-19807 · Riot-Os · Riot-Os
Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2023.04 Description: The issue affects the network stack of RIOT-OS, specifically its ability to process 6LoWPAN frames. An attacker can send a crafted frame to trigger a NULL pointer dereference, leading to denial o...
RIOT RIOT-OS 安全漏洞
RIOT RIOT-OS is a set of operating systems used in the Internet of Things IoT space. A security vulnerability exists in versions of RIOT-OS prior to 2023.04 that stems from a null pointer dereference, which can be exploited by an attacker to conduct a denial-of-service attack...
PT-2023-3147 · Riot-Os · Riot-Os
Name of the Vulnerable Software and Affected Versions: RIOT-OS versions 2023.01 and prior Description: The issue is related to the processing of 6LoWPAN frames in the network stack of RIOT-OS, an operating system for Internet of Things IoT devices. An attacker can send a crafted frame that, when...
RIOT RIOT-OS 缓冲区错误漏洞
RIOT RIOT-OS is a set of operating systems used in the Internet of Things IoT space. A security vulnerability exists in RIOT-OS 2023.01 and earlier versions, which stems from a buffer out-of-bounds write and can be exploited by an attacker to conduct a denial-of-service attack...
PT-2023-19798 · Riot-Os · Riot-Os
Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2023.04 Description: The issue affects the network stack of RIOT-OS, specifically in the processing of 6LoWPAN frames. An attacker can send a crafted frame, resulting in an integer underflow and out of bounds access ...
RIOT RIOT-OS 竞争条件问题漏洞
RIOT RIOT-OS is a set of operating systems used in the Internet of Things IoT space. A security vulnerability exists in RIOT RIOT-OS 2023.01 and earlier versions, which stems from triggering a race condition and can be exploited by an attacker to conduct a denial-of-service attack...
RIOT-OS Buffer Overflow Vulnerability
RIOT-OS is an operating system that supports IoT devices and contains a network stack capable of handling 6LoWPAN frames. Versions of RIOT-OS prior to 2022.10 suffer from a buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code...
RIOT-OS Denial of Service Vulnerability
RIOT-OS is an operating system that supports IoT devices and contains a network stack capable of handling 6LoWPAN frames. A denial of service vulnerability exists in versions of RIOT-OS prior to 2022.10, which can be exploited by an attacker to launch a denial of service attack...
CVE-2023-24823
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a type confusion between IPv6 extension headers and a UDP header...
CVE-2023-24821
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a large out of bounds write beyond the packet buffer. The write wil...