CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21282 – Buffer overflow in RPL source routing header processing
https://notcve.org/view.php?id=CVE-2021-21282
18 Jun 2021 — Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions prior to 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been patched in Contiki-NG 4.5. Users can apply the patch for this vulnerability out-of-band as a workaround. Contiki-NG es un sistema operativo de código abierto y multiplataforma para dispositivos del Internet de las cosas. • https://github.com/contiki-ng/contiki-ng/pull/1183 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2020-24336
https://notcve.org/view.php?id=CVE-2020-24336
11 Dec 2020 — An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arbitrary length, a buffer overflow can occur. This bug can be exploited whenever NAT64 is enabled. Se detectó un problema en Contiki versiones hasta 3.0 y Contiki-NG versiones hasta 4.5. • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-13988 – Ubuntu Security Notice USN-6259-1
https://notcve.org/view.php?id=CVE-2020-13988
11 Dec 2020 — An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c. Se detectó un problema en Contiki versiones hasta 3.0. Se presenta un Desbordamiento de Enteros en el componente uIP TCP/IP Stack cuando se analizan las opciones TCP MSS de los paquetes de red IPv4 en la función uip_process en el archivo net/ipv4/uip.c Jos Wetzels, Stanislav Dashevskyi, and Amine Amri discover... • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 1CVE-2020-14935
https://notcve.org/view.php?id=CVE-2020-14935
18 Aug 2020 — Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP bulk get request response encoding function. The function parsing the received SNMP request does not verify the input message's requested variables against the capacity of the internal SNMP engine buffer. When a bulk get request response is assembled, a stack buffer dedicated for OIDs (with a limited capacity) is allocated in snmp_engine_get_bulk(). When snmp_engine_get_bulk() is populating the stack buffer, an overflow condition ma... • https://drive.google.com/file/d/1qp3ZXaFRiR_imWg0lUbI7-D-hIT268EB/view?usp=sharing • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-9183
https://notcve.org/view.php?id=CVE-2019-9183
23 Apr 2020 — An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. A buffer overflow is present due to an integer underflow during 6LoWPAN fragment processing in the face of truncated fragments in os/net/ipv6/sicslowpan.c. This results in accesses of unmapped memory, crashing the application. An attacker can cause a denial-of-service via a crafted 6LoWPAN frame. Se descubrió un problema en Contiki-NG a través de 4.3 y Contiki a través de 3.0. • https://github.com/contiki-ng/contiki-ng/pull/972 • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-8359
https://notcve.org/view.php?id=CVE-2019-8359
23 Apr 2020 — An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. An out of bounds write is present in the data section during 6LoWPAN fragment re-assembly in the face of forged fragment offsets in os/net/ipv6/sicslowpan.c. Se detectó un problema en Contiki-NG versiones hasta 4.3 y Contiki versiones hasta 3.0. Una escritura fuera de límites está presente en la sección de datos durante el reensamblaje de fragmentos 6LoWPAN frente a las compensaciones de fragmentos forjados en el archivo os/net/ipv6/... • https://github.com/contiki-ng/contiki-ng/pull/972 • CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-20579
https://notcve.org/view.php?id=CVE-2018-20579
28 Dec 2018 — Contiki-NG before 4.2 has a stack-based buffer overflow in the push function in os/lib/json/jsonparse.c that allows an out-of-bounds write of an '{' or '[' character. Contiki-NG, en versiones anteriores a la 4.2, tiene un desbordamiento de búfer basado en pila en la función push en os/lib/json/jsonparse.c que permite una escritura fuera de límites de un carácter "{" o "[". • https://github.com/contiki-ng/contiki-ng/issues/601 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 6%CPEs: 1EXPL: 1CVE-2018-19417
https://notcve.org/view.php?id=CVE-2018-19417
21 Nov 2018 — An issue was discovered in the MQTT server in Contiki-NG before 4.2. The function parse_publish_vhdr() that parses MQTT PUBLISH messages with a variable length header uses memcpy to input data into a fixed size buffer. The allocated buffer can fit only MQTT_MAX_TOPIC_LENGTH (default 64) bytes, and a length check is missing. This could lead to Remote Code Execution via a stack-smashing attack (overwriting the function return address). Contiki-NG does not separate the MQTT server from other servers and the OS... • https://github.com/contiki-ng/contiki-ng/issues/600 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 11%CPEs: 1EXPL: 1CVE-2018-1000804
https://notcve.org/view.php?id=CVE-2018-1000804
08 Oct 2018 — contiki-ng version 4 contains a Buffer Overflow vulnerability in AQL (Antelope Query Language) database engine that can result in Attacker can perform Remote Code Execution on device using Contiki-NG operating system. This attack appear to be exploitable via Attacker must be able to run malicious AQL code (e.g. via SQL-like Injection attack). contiki-ng 4 contiene una vulnerabilidad de desbordamiento de búfer en el motor de la base de datos AQL (Antelope Query Language) que puede resultar en que un atacante... • https://github.com/contiki-ng/contiki-ng/issues/594 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •