CVE-2023-34101
CVE-2023-34101 affects Contiki-NG prior to 4.9. In processing ICMP DAO packets, the function dao_input_storing may read up to 16 bytes beyond the buffer due to not verifying buffer size, causing an out-of-bounds read. An attacker can truncate ICMP packets to trigger this. A patch is available in ...