CVE-2024-53980 Spoofed length byte traps CC2538 in endless loop

RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. A malicious actor can send a IEEE 802.15.4 packet with spoofed length byte and optionally spoofed FCS, which eventually results into an endless...

PT-2024-35992 · Riot · Riot

Name of the Vulnerable Software and Affected Versions: RIOT affected versions not specified Description: A malicious actor can send a IEEE 802.15.4 packet with a spoofed length byte and optionally a spoofed FCS, resulting in an endless loop on a CC2538 receiver. The issue arises from the receiver...