CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-17440
https://notcve.org/view.php?id=CVE-2020-17440
11 Dec 2020 — An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that domain names present in the DNS responses have '\0' termination. This results in errors when calculating the offset of the pointer that jumps over domain name bytes in DNS response packets when a name lacks this termination, and eventually leads to dereferencing the pointer at an invalid/arbitrary address, within newdata() and parse_name() in resolv.c. Se detectó un... • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-17439
https://notcve.org/view.php?id=CVE-2020-17439
11 Dec 2020 — An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that the incoming DNS replies match outgoing DNS queries in newdata() in resolv.c. Also, arbitrary DNS replies are parsed if there was any outgoing DNS query with a transaction ID that matches the transaction ID of an incoming reply. Provided that the default DNS cache is quite small (only four records) and that the transaction ID has a very limited set of values that is... • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-17438
https://notcve.org/view.php?id=CVE-2020-17438
11 Dec 2020 — An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to properly validate the total length of an incoming packet specified in its IP header, as well as the fragmentation offset value specified in the IP header. By crafting a packet with specific values of the IP header length and the fragmentation offset, attackers can write into the .bss section of the program (past the statically allocated buffer that is used for storing the frag... • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 • CWE-787: Out-of-bounds Write •
CVSS: 8.2EPSS: 0%CPEs: 21EXPL: 0CVE-2020-17437 – Ubuntu Security Notice USN-6259-1
https://notcve.org/view.php?id=CVE-2020-17437
11 Dec 2020 — An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can... • https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2020-13987 – Ubuntu Security Notice USN-6259-1
https://notcve.org/view.php?id=CVE-2020-13987
11 Dec 2020 — An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c. Se detectó un problema en Contiki versiones hasta 3.0. Se presenta una vulnerabilidad de Lectura Fuera de Límites en el componente uIP TCP/IP Stack cuando se calculan las sumas de comprobación para paquetes IP en la función upper_layer_chksum en el archivo net/ipv4/uip.c Jos Wetzels, Stanislav ... • https://cert-portal.siemens.com/productcert/pdf/ssa-541018.pdf • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-13986
https://notcve.org/view.php?id=CVE-2020-13986
11 Dec 2020 — An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c. Se detectó un problema en Contiki versiones hasta 3.0. Se presenta un bucle infinito en el componente uIP TCP/IP Stack cuando se manejan encabezados de extensión RPL de paquetes de red IPv6 en la función rpl_remove_header en el archivo net/rpl/rpl-ext-header.c • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-13985
https://notcve.org/view.php?id=CVE-2020-13985
11 Dec 2020 — An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c. Se detectó un problema en Contiki versiones hasta 3.0. Se presenta una vulnerabilidad de corrupción de memoria en el componente uIP TCP/IP Stack cuando se manejan encabezados de extensión RPL de paquetes de red IPv6 en la función rpl_remove_header en el archivo net/rpl/rpl-... • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 • CWE-190: Integer Overflow or Wraparound CWE-681: Incorrect Conversion between Numeric Types CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-13984
https://notcve.org/view.php?id=CVE-2020-13984
11 Dec 2020 — An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in ext_hdr_options_process in net/ipv6/uip6.c. Se detectó un problema en Contiki versiones hasta 3.0. Se presenta un bucle infinito en el componente uIP TCP/IP Stack cuando se procesan encabezados de extensión IPv6 en la función ext_hdr_options_process en el archivo net/ipv6/uip6.c • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-9183
https://notcve.org/view.php?id=CVE-2019-9183
23 Apr 2020 — An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. A buffer overflow is present due to an integer underflow during 6LoWPAN fragment processing in the face of truncated fragments in os/net/ipv6/sicslowpan.c. This results in accesses of unmapped memory, crashing the application. An attacker can cause a denial-of-service via a crafted 6LoWPAN frame. Se descubrió un problema en Contiki-NG a través de 4.3 y Contiki a través de 3.0. • https://github.com/contiki-ng/contiki-ng/pull/972 • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8359
https://notcve.org/view.php?id=CVE-2019-8359
23 Apr 2020 — An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. An out of bounds write is present in the data section during 6LoWPAN fragment re-assembly in the face of forged fragment offsets in os/net/ipv6/sicslowpan.c. Se detectó un problema en Contiki-NG versiones hasta 4.3 y Contiki versiones hasta 3.0. Una escritura fuera de límites está presente en la sección de datos durante el reensamblaje de fragmentos 6LoWPAN frente a las compensaciones de fragmentos forjados en el archivo os/net/ipv6/... • https://github.com/contiki-ng/contiki-ng/pull/972 • CWE-787: Out-of-bounds Write •