The vulnerability in the implementation of the ISN generator of the protocol stack used in Contiki OS and uIP allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the ISN generator implementation used in the Contiki OS and uIP is related to the use of insufficiently random values. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

DEBIAN-CVE-2020-17437

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by...

CVE-2020-13985

An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rplremoveheader in net/rpl/rpl-ext-header.c...

uIP-Contiki-OS 输入验证错误漏洞

Contiki is an open source, highly portable, networked multitasking operating system for memory-constrained systems. An infinite loop vulnerability exists in rplremoveheader in net/rpl/rpl-ext-header.c in the uIP TCP/IP stack component in Contiki 3.0 and earlier when processing RPL extended header...