CVE-2020-24339
The CVE concerns picoTCP/picoTCP-NG up to version 1.7.0 where DNS domain name decompression (pico_dns_decompress_name in pico_dns_common.c) does not validate compression pointer offsets against the DNS packet data, causing out-of-bounds reads and Denial-of-Service. The issue affects picoTCP and p...