Lucene search
K

78 matches found

OSV
OSV
added 2024/11/27 6:20 p.m.5 views

CVE-2023-29001 Uncontrolled recursion due to insufficient validation of the IPv6 source routing header in Contiki-NG

Contiki-NG is an open-source, cross-platform operating system for IoT devices. The Contiki-NG operating system processes source routing headers SRH in its two alternative RPL protocol implementations. The IPv6 implementation uses the results of this processing to determine whether an incoming...

8.7CVSS6.7AI score0.00538EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/11/27 6:20 p.m.22 views

CVE-2023-29001 Uncontrolled recursion due to insufficient validation of the IPv6 source routing header in Contiki-NG

Contiki-NG is an open-source, cross-platform operating system for IoT devices. The Contiki-NG operating system processes source routing headers SRH in its two alternative RPL protocol implementations. The IPv6 implementation uses the results of this processing to determine whether an incoming...

8.7CVSS0.00538EPSS
Exploits0References2
CVE
CVE
added 2024/11/27 6:20 p.m.69 views

CVE-2023-29001

CVE-2023-29001 affects Contiki-NG. The IPv6 SRH processing in Contiki-NG’s two RPL implementations can cause an uncontrolled recursion in the function tcpip_ipv6_output when a packet with a local next-hop address is received, potentially triggering a stack overflow. Exploitation requires attacker...

8.7CVSS6.9AI score0.00538EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/27 6:20 p.m.35 views

CVE-2023-29001 Uncontrolled recursion due to insufficient validation of the IPv6 source routing header in Contiki-NG

Contiki-NG is an open-source, cross-platform operating system for IoT devices. The Contiki-NG operating system processes source routing headers SRH in its two alternative RPL protocol implementations. The IPv6 implementation uses the results of this processing to determine whether an incoming...

8.7CVSS6.7AI score0.00538EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/11/27 12:0 a.m.10 views

PT-2024-12187 · Unknown · Contiki-Ng

Name of the Vulnerable Software and Affected Versions: Contiki-NG affected versions not specified Description: The Contiki-NG operating system has an issue with its IPv6 implementation, specifically in the processing of source routing headers SRH in its two alternative RPL protocol implementation...

8.7CVSS7.1AI score0.00538EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2024/07/02 9:2 a.m.6 views

kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref

A use-after-free flaw was found in the Linux kernel’s IPv6 protocol functionality. This flaw allows a local user to potentially crash the system...

5.5CVSS6.8AI score0.00272EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/05/30 12:0 a.m.6 views

PT-2023-19798 · Riot-Os · Riot-Os

Name of the Vulnerable Software and Affected Versions: RIOT-OS versions prior to 2023.04 Description: The issue affects the network stack of RIOT-OS, specifically in the processing of 6LoWPAN frames. An attacker can send a crafted frame, resulting in an integer underflow and out of bounds access ...

7.5CVSS7.6AI score0.00635EPSS
Exploits0References3
CNVD
CNVD
added 2021/06/22 12:0 a.m.8 views

Contiki-NG buffer overflow vulnerability (CNVD-2021-44268)

Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. A buffer overflow vulnerability exists in the RPL source routing header processing in Contiki-NG versions prior to 4.5. An attacker could exploit this vulnerability to cause a denial of service...

9.8CVSS7.1AI score0.00993EPSS
Exploits0References1
CNVD
CNVD
added 2021/06/22 12:0 a.m.6 views

Contiki-NG out-of-bounds write vulnerability (CNVD-2021-44269)

Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. An out-of-bounds write vulnerability exists in the rplextheadersrhupdate function in rpl-ext-header.c in the RPL-Classic and RPL-Lite implementations of Contiki-NG prior to version 4.6. The vulnerability...

8.2CVSS6.9AI score0.01088EPSS
Exploits0References1
OSV
OSV
added 2021/06/18 9:15 p.m.4 views

CVE-2021-21257

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite implementations in the Contiki-NG operating system versions prior to 4.6 do not validate the address pointer in the RPL source routing header This makes it possible for an...

7.5CVSS5.6AI score0.01088EPSS
Exploits0References2
NVD
NVD
added 2021/06/18 9:15 p.m.18 views

CVE-2021-21257

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. The RPL-Classic and RPL-Lite implementations in the Contiki-NG operating system versions prior to 4.6 do not validate the address pointer in the RPL source routing header This makes it possible for an...

8.2CVSS0.01088EPSS
Exploits0References2
NVD
NVD
added 2021/06/18 8:15 p.m.17 views

CVE-2021-21282

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions prior to 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been patched in Contiki-NG...

9.8CVSS0.00993EPSS
Exploits0References2
OSV
OSV
added 2021/06/18 8:15 p.m.5 views

CVE-2021-21282

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions prior to 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been patched in Contiki-NG...

9.8CVSS5.8AI score0.00993EPSS
Exploits0References2
Prion
Prion
added 2021/06/18 8:15 p.m.16 views

Buffer overflow

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions prior to 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been patched in Contiki-NG...

7.5CVSS9.6AI score0.00993EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/06/18 8:0 p.m.19 views

CVE-2021-21282 Buffer overflow in RPL source routing header processing

Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions prior to 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been patched in Contiki-NG...

8.6CVSS9.8AI score0.00993EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/06/18 12:0 a.m.5 views

Contiki-NG 安全漏洞

Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. A buffer overflow vulnerability exists in the RPL source routing header processing in Contiki-NG versions prior to 4.5. An attacker could exploit this vulnerability to cause a denial of service...

9.8CVSS6.1AI score0.00993EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/06/18 12:0 a.m.5 views

Contiki-NG 缓冲区错误漏洞

Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. An out-of-bounds write vulnerability exists in the rplextheadersrhupdate function in rpl-ext-header.c in the RPL-Classic and RPL-Lite implementations of Contiki-NG prior to version 4.6. The vulnerability...

8.2CVSS5.7AI score0.01088EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/02/09 12:0 a.m.8 views

Microsoft Windows TCP/IP 安全漏洞

The Microsoft Windows operating system is a set of operating systems developed by Microsoft Corporation in the United States. A remote code execution vulnerability exists in Microsoft Windows TCP/IP, which can be triggered by constructing special IP source routing packets, and an attacker who...

9.8CVSS8.2AI score0.25708EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2019/01/23 12:0 a.m.7 views

Linux: Accept source routed packets

Source Routing enables a sender of a packet to specify the route the packet takes in a network. If source routed packages are accepted, an attacker could reach the system even if the private addresses are not routable from the internet. This script tests whether the Linux host is configured to...

7.1AI score
Exploits0References5
OpenVAS
OpenVAS
added 2018/06/15 12:0 a.m.120 views

Microsoft Windows: MSS: IP source routing protection level

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winmlipsourcerouting.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for MSS: DisableIPSourceRouting IP source routing protection level protects against packet spoofing Authors: Emanuel Moss Copyright: Copyright c 2018...

7.3AI score
Exploits0
Rows per page
Query Builder