CVE-2020-27635

In PicoTCP 1.7.0, TCP ISNs are improperly random...

CVE-2023-35846

VirtualSquare picoTCP aka PicoTCP-NG through 2.1 does not check the transport layer length in a frame before performing port filtering...

CVE-2023-35848

VirtualSquare picoTCP aka PicoTCP-NG through 2.1 lacks certain size calculations before attempting to set a value of an mss structure member...

PT-2023-25340 · Virtualsquare · Virtualsquare Picotcp

Name of the Vulnerable Software and Affected Versions: VirtualSquare picoTCP aka PicoTCP-NG versions through 2.1 Description: The issue is related to the lack of a Maximum Segment Size MSS lower bound, which could potentially be set to zero. This affects the VirtualSquare picoTCP aka PicoTCP-NG...

PT-2023-25342 · Virtualsquare · Virtualsquare Picotcp

Name of the Vulnerable Software and Affected Versions: VirtualSquare picoTCP aka PicoTCP-NG versions 2.1 and earlier Description: The issue arises from improper checking of header sizes, which could lead to accessing data outside of a packet. Recommendations: For VirtualSquare picoTCP aka...

SUSE CVE-2020-17441

An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload length field is equal to the actual size of the payload, which leads to an Out-of-Bounds read during the ICMPv6 checksum calculation, resulting in either Denial-of-Service...

SUSE CVE-2020-24339

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The DNS domain name record decompression functionality in picodnsdecompressname in picodnscommon.c does not validate the compression pointer offset values with respect to the actual data present in a DNS response packet, causing...

SUSE CVE-2020-24338

An issue was discovered in picoTCP through 1.7.0. The DNS domain name record decompression functionality in picodnsdecompressname in picodnscommon.c does not validate the compression pointer offset values with respect to the actual data present in a DNS response packet, causing out-of-bounds writ...

SUSE CVE-2020-24341

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in picotcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually causing Denial-of-Servic...

CVE-2020-17441

An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload length field is equal to the actual size of the payload, which leads to an Out-of-Bounds read during the ICMPv6 checksum calculation, resulting in either Denial-of-Service...

Altran picoTCP and picoTCP-NG Buffer Error Vulnerability

Altran picoTCP is a small footprint modular open source TCP/IP stack from Altran Belgium, designed for embedded systems and the Internet of Things. A buffer error vulnerability exists in picoTCP and picoTCP-NG, which stems from the inability of the TCP input data handling function to validate the...

Altran EESY Belgium Picotcp Buffer Error Vulnerability

Altran EESY Belgium Picotcp is a software from the Altran EESY Belgium community that provides TCP/IP protocol support for real-time systems. Altran EESY Belgium picoTCP-NG and picoTCP suffer from a buffer error vulnerability that stems from not checking the validity of their option lengths, whic...