CVE-2023-24820 RIOT-OS vulnerable to Integer Underflow during IPHC receive

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device resulting in a large out of bounds write beyond the packet buffer. The write will create a hard fault...

CVE-2023-24820 RIOT-OS vulnerable to Integer Underflow during IPHC receive

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device resulting in a large out of bounds write beyond the packet buffer. The write will create a hard fault...

CVE-2023-24820

RIOT-OS CVE-2023-24820 affects the 6LoWPAN network stack; processing crafted frames can trigger a large out-of-bounds write beyond the packet buffer, causing an unhandled hard fault when RAM is exhausted and a denial-of-service condition. The issue is fixed in version 2022.10; a manual patch is a...

CVE-2023-24820 RIOT-OS vulnerable to Integer Underflow during IPHC receive

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device resulting in a large out of bounds write beyond the packet buffer. The write will create a hard fault...

CVE-2023-24819 RIOT-OS vulnerable to Buffer Overflow during IPHC receive

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be us...

CVE-2023-24819 RIOT-OS vulnerable to Buffer Overflow during IPHC receive

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be us...

CVE-2023-24819

CVE-2023-24819 affects RIOT-OS prior to version 2022.10, where processing of 6LoWPAN frames can trigger an out-of-bounds write in the packet buffer. The attacker can craft a frame to overflow the buffer, potentially corrupting other packets and allocator metadata, leading to denial of service and...

CVE-2023-24818 RIOT-OS vulnerable to null pointer dereference during fragment forwarding

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a NULL pointer dereference. During forwarding of a fragment an...

CVE-2023-24818

Summary of CVE-2023-24818 (RIOT-OS) : The RIOT-OS network stack that handles 6LoWPAN frames is affected by a NULL pointer dereference when forwarding fragmented IP datagrams. The root cause is use of an uninitialized entry in the reassembly buffer during fragment processing, which can trigger a h...

CVE-2023-24818 RIOT-OS vulnerable to null pointer dereference during fragment forwarding

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a NULL pointer dereference. During forwarding of a fragment an...

PT-2023-19803 · Riot-Os · Riot-Os

Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2022.10 Description: The issue concerns a network stack in RIOT-OS, an operating system for Internet of Things devices, which can process 6LoWPAN frames. An attacker can send a crafted frame, resulting in a large out...

PT-2023-19802 · Riot-Os · Riot-Os

Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2022.10 Description: The issue affects the network stack of RIOT-OS, an operating system for Internet of Things devices, which can process 6LoWPAN frames. An attacker can send a crafted frame, resulting in a large ou...

PT-2023-19805 · Riot-Os · Riot-Os

Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2022.10 Description: The issue arises from a type confusion between IPv6 extension headers and a UDP header while encoding a 6LoWPAN IPHC header in the network stack. This type confusion results in an out of bounds...

PT-2023-19799 · Riot-Os · Riot-Os

Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2022.10 Description: The issue concerns a network stack in RIOT-OS that processes 6LoWPAN frames. An attacker can send a crafted frame, resulting in a NULL pointer dereference during the forwarding of a fragment. Thi...

PT-2023-19804 · Riot-Os · Riot-Os

Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2022.10 Description: RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device,...

RIOT RIOT-OS 代码问题漏洞

RIOT-OS is an operating system that supports IoT devices and contains a network stack capable of handling 6LoWPAN frames. A denial of service vulnerability exists in versions of RIOT-OS prior to 2022.10, which can be exploited by an attacker to launch a denial of service attack...

PT-2023-19800 · Riot-Os · Riot-Os

Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2022.10 Description: The network stack in RIOT-OS, which supports Internet of Things devices, contains a flaw in its ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device, resulting in...

RIOT RIOT-OS 缓冲区错误漏洞

RIOT-OS is an operating system that supports IoT devices and contains a network stack capable of handling 6LoWPAN frames. Versions of RIOT-OS prior to 2022.10 suffer from a buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code...

RIOT RIOT-OS 代码问题漏洞

RIOT RIOT-OS is a set of operating systems used in the IoT space. A code issue vulnerability exists in RIOT RIOT-OS versions prior to 2022.10, which can be exploited by an attacker to allow a device to send crafted frames that result in NULL pointer dereferences when encoding the 6LoWPAN IPHC...

RIOT RIOT-OS 数字错误漏洞

RIOT RIOT-OS is a set of operating systems used in the Internet of Things IoT space. A numeric error vulnerability exists in versions of RIOT-OS prior to 2022.10. An attacker exploits this vulnerability to send specially crafted frames that result in a large number of out-of-bounds writes beyond...