4 matches found
CVE-2022-36053
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The low-power IPv6 network stack of Contiki-NG has a buffer module os/net/ipv6/uipbuf.c that processes IPv6 extension headers in incoming data packets. As part of this processing, the function...
CVE-2022-36053 Out-of-bounds read in the uIP buffer module
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The low-power IPv6 network stack of Contiki-NG has a buffer module os/net/ipv6/uipbuf.c that processes IPv6 extension headers in incoming data packets. As part of this processing, the function...
CVE-2022-36053 Out-of-bounds read in the uIP buffer module
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The low-power IPv6 network stack of Contiki-NG has a buffer module os/net/ipv6/uipbuf.c that processes IPv6 extension headers in incoming data packets. As part of this processing, the function...
CVE-2022-36053
Contiki-NG prior to 4.8 is affected by an out-of-bounds read in the IPv6 extension header processing inside the low-power uIP buffer (uipbuf_get_next_header). The vulnerability arises from casting a pointer to a uip_ext_hdr into the packet buffer at varying offsets without proper bounds checking,...