6 matches found
CVE-2025-64096 CryptoLib vulnerable to Stack Buffer Overflow in Crypto_Key_Update due to missing TLV length check
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures SDLS-EP to secure communications between a spacecraft running the core Flight System cFS and a ground station. Prior to 1.4.2, there is a missing bounds check in CryptoKeyupdate...
CVE-2024-53980 Spoofed length byte traps CC2538 in endless loop
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. A malicious actor can send a IEEE 802.15.4 packet with spoofed length byte and optionally spoofed FCS, which eventually results into an endless...
CVE-2024-53980 Spoofed length byte traps CC2538 in endless loop
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. A malicious actor can send a IEEE 802.15.4 packet with spoofed length byte and optionally spoofed FCS, which eventually results into an endless...
CVE-2024-53980
RIOT OS vulnerability affecting CC2538 radio reception. A malicious actor can send a IEEE 802.15.4 packet with a spoofed length byte (and optionally spoofed FCS), causing the receiver to enter an endless loop. The root cause is the CRC position check: before PR #20998 the code used the full 8 bit...
CVE-2024-53980 Spoofed length byte traps CC2538 in endless loop
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things IoT devices and other embedded devices. A malicious actor can send a IEEE 802.15.4 packet with spoofed length byte and optionally spoofed FCS, which eventually results into an endless...
PT-2024-35992 · Riot · Riot
Name of the Vulnerable Software and Affected Versions: RIOT affected versions not specified Description: A malicious actor can send a IEEE 802.15.4 packet with a spoofed length byte and optionally a spoofed FCS, resulting in an endless loop on a CC2538 receiver. The issue arises from the receiver...