13 matches found
EUVD-2023-31831
Malicious code in bioql PyPI...
CVE-2022-41972
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to 4.9 contain a NULL Pointer Dereference in BLE L2CAP module. The Contiki-NG operating system for IoT devices contains a Bluetooth Low Energy stack. An attacker can inject a packet in th...
Buffer overflow
Contiki-NG is an open-source, cross-platform operating system for internet of things IoT devices. In versions 4.8 and prior, an out-of-bounds write can occur in the BLE L2CAP module of the Contiki-NG operating system. The network stack of Contiki-NG uses a global buffer packetbuf for processing o...
CVE-2023-28116 Buffer overflow in L2CAP due to misconfigured MTU
Contiki-NG is an open-source, cross-platform operating system for internet of things IoT devices. In versions 4.8 and prior, an out-of-bounds write can occur in the BLE L2CAP module of the Contiki-NG operating system. The network stack of Contiki-NG uses a global buffer packetbuf for processing o...
CVE-2023-28116
CVE-2023-28116 concerns Contiki-NG (IoT OS) prior to v4.9, where the BLE L2CAP module can cause an out-of-bounds write due to a mis sized packet buffer. The global packetbuf (size PACKETBUF_SIZE) may be exceeded when processing large packets with BLE L2CAP in the default configuration, leading to...
PT-2023-21574 · Unknown · Contiki-Ng
Name of the Vulnerable Software and Affected Versions: Contiki-NG versions 4.8 and prior Description: Contiki-NG is an open-source, cross-platform operating system for internet of things IoT devices. In the affected versions, an out-of-bounds write can occur in the BLE L2CAP module of the...
CVE-2023-23609
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to and including 4.8 are vulnerable to an out-of-bounds write that can occur in the BLE-L2CAP module. The Bluetooth Low Energy - Logical Link Control and Adaptation Layer Protocol BLE-L2C...
Out-of-bounds
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to and including 4.8 are vulnerable to an out-of-bounds write that can occur in the BLE-L2CAP module. The Bluetooth Low Energy - Logical Link Control and Adaptation Layer Protocol BLE-L2C...
CVE-2023-23609 contiki-ng BLE-L2CAP contains Improper size validation of L2CAP frames
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to and including 4.8 are vulnerable to an out-of-bounds write that can occur in the BLE-L2CAP module. The Bluetooth Low Energy - Logical Link Control and Adaptation Layer Protocol BLE-L2C...
CVE-2023-23609
Contiki-NG up to and including version 4.8 is affected by an out-of-bounds write in the BLE-L2CAP module during reassembly of fragmented packets. The issue arises because the packet buffer is not checked for sufficient size, potentially allowing writes of up to 1152 bytes. The vulnerability is un...
CVE-2023-23609 contiki-ng BLE-L2CAP contains Improper size validation of L2CAP frames
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to and including 4.8 are vulnerable to an out-of-bounds write that can occur in the BLE-L2CAP module. The Bluetooth Low Energy - Logical Link Control and Adaptation Layer Protocol BLE-L2C...
CVE-2022-41972 Contiki-NG contains NULL Pointer Dereference in BLE L2CAP module
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to 4.9 contain a NULL Pointer Dereference in BLE L2CAP module. The Contiki-NG operating system for IoT devices contains a Bluetooth Low Energy stack. An attacker can inject a packet in th...
CVE-2022-41873 Out-of-bounds read and write in BLE L2CAP module
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to 4.9 are vulnerable to an Out-of-bounds read. While processing the L2CAP protocol, the Bluetooth Low Energy stack of Contiki-NG needs to map an incoming channel ID to its metadata...