CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-27697
https://notcve.org/view.php?id=CVE-2021-27697
RIOT-OS 2021.01 contains a buffer overflow vulnerability in sys/net/gnrc/routing/rpl/gnrc_rpl_validation.c through the gnrc_rpl_validation_options() function. RIOT-OS versión 2021.01, contiene una vulnerabilidad de desbordamiento del búfer en el archivo sys/net/gnrc/routing/rpl/gnrc_rpl_validation.c por medio de la función gnrc_rpl_validation_options() • https://github.com/RIOT-OS/RIOT/issues/16062 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-27357
https://notcve.org/view.php?id=CVE-2021-27357
RIOT-OS 2020.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c. RIOT-OS versión 2020.01, contiene una vulnerabilidad de desbordamiento del búfer en el archivo /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c • https://github.com/RIOT-OS/RIOT/issues/16018 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15350
https://notcve.org/view.php?id=CVE-2020-15350
RIOT 2020.04 has a buffer overflow in the base64 decoder. The decoding function base64_decode() uses an output buffer estimation function to compute the required buffer capacity and validate against the provided buffer size. The base64_estimate_decode_size() function calculates the expected decoded size with an arithmetic round-off error and does not take into account possible padding bytes. Due to this underestimation, it may be possible to craft base64 input that causes a buffer overflow. RIOT versión 2020.04, presenta un desbordamiento del búfer en el decodificador base64. • https://drive.google.com/file/d/1jMCAi8uawV1-an5uCghIxT2TEdxCE1Lk/view?usp=sharing https://github.com/RIOT-OS/RIOT/pull/14400 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-17389
https://notcve.org/view.php?id=CVE-2019-17389
In RIOT 2019.07, the MQTT-SN implementation (asymcute) mishandles errors occurring during a read operation on a UDP socket. The receive loop ends. This allows an attacker (via a large packet) to prevent a RIOT MQTT-SN client from working until the device is restarted. En RIOT versión 2019.07, la implementación MQTT-SN (asymcute) maneja inapropiadamente los errores que ocurren durante una operación de lectura en un socket UDP. El ciclo de recepción finaliza. • https://github.com/RIOT-OS/RIOT/pull/12382 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-16754
https://notcve.org/view.php?id=CVE-2019-16754
RIOT 2019.07 contains a NULL pointer dereference in the MQTT-SN implementation (asymcute), potentially allowing an attacker to crash a network node running RIOT. This requires spoofing an MQTT server response. To do so, the attacker needs to know the MQTT MsgID of a pending MQTT protocol message and the ephemeral port used by RIOT's MQTT implementation. Additionally, the server IP address is required for spoofing the packet. RIOT versión 2019.07, contiene una desreferencia del puntero NULL en la implementación MQTT-SN (asymcute), lo que permite potencialmente a un atacante bloquear un nodo de red que ejecuta RIOT. • https://github.com/RIOT-OS/RIOT/pull/12293 • CWE-476: NULL Pointer Dereference •