Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:4 a.m.9 views

CVE-2023-37459

Contiki-NG is an operating system for internet-of-things devices. In versions 4.9 and prior, when a packet is received, the Contiki-NG network stack attempts to start the periodic TCP timer if it is a TCP packet with the SYN flag set. But the implementation does not first verify that a full TCP...

5.3CVSS7AI score0.00386EPSS
Exploits0References1
Circl
Circl
added 2023/09/16 12:25 a.m.5 views

CVE-2023-37459

creationtimestamp| type| source ---|---|--- 2023-09-16 00:25:55+00:00| published-proof-of-concept| https://t.me/cibsecurity/70620...

5.3CVSS5.5AI score0.00386EPSS
Exploits0References1
CVE
CVE
added 2023/09/15 7:19 p.m.100 views

CVE-2023-37459

CVE-2023-37459 maps to Contiki-NG ≤ 4.9, where the network stack, on receiving a TCP packet with the SYN flag, may access the TCP header before ensuring it is complete. This can trigger an out-of-bounds read from the packet buffer due to reading the flags field in check_for_tcp_syn. The result is...

5.3CVSS5.3AI score0.00386EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/09/15 7:19 p.m.22 views

CVE-2023-37459 Out-of-bounds read when processing a received IPv6 packet

Contiki-NG is an operating system for internet-of-things devices. In versions 4.9 and prior, when a packet is received, the Contiki-NG network stack attempts to start the periodic TCP timer if it is a TCP packet with the SYN flag set. But the implementation does not first verify that a full TCP...

5.3CVSS7AI score0.00386EPSS
Exploits0References2
Rows per page
Query Builder