CVE-2018-16598
The CVE-2018-16598 issue affects AWS FreeRTOS up to 1.3.1 (and FreeRTOS up to v10.0.1 with FreeRTOS+TCP) and the WHIS Connect TCP/IP component. The vulnerability is that in xProcessReceivedUDPPacket and prvParseDNSReply, any DNS response is accepted without confirming it matches a sent DNS reques...