PT-2021-2231 · Contiki · Contiki

Name of the Vulnerable Software and Affected Versions: Contiki version 4.5 Description: The issue is related to the improper randomness of TCP Initial Sequence Numbers ISNs in the Contiki OS uIP protocol stack implementation. This could allow a remote attacker to gain unauthorized access to...

CVE-2020-13986

An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rplremoveheader in net/rpl/rpl-ext-header.c...

Contiki and Contiki-NG Buffer Error Vulnerabilities

Contiki is an open source cross-platform operating system for IoT Internet of Things devices.Contiki-NG is an open source cross-platform operating system for next-generation IoT Internet of Things devices. Contiki-NG and Contiki-OS suffer from a buffer error vulnerability that stems from a lack o...

CVE-2020-17437

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by...

UBUNTU-CVE-2020-13987

An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upperlayerchksum in net/ipv4/uip.c...