CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21281 – Buffer overflow due to unvalidated TCP data offset
https://notcve.org/view.php?id=CVE-2021-21281
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. A buffer overflow vulnerability exists in Contiki-NG versions prior to 4.6. After establishing a TCP socket using the tcp-socket library, it is possible for the remote end to send a packet with a data offset that is unvalidated. The problem has been patched in Contiki-NG 4.6. Users can apply the patch for this vulnerability out-of-band as a workaround. • https://github.com/contiki-ng/contiki-ng/pull/1366 https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-mc42-fqfr-h9fp • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21282 – Buffer overflow in RPL source routing header processing
https://notcve.org/view.php?id=CVE-2021-21282
Contiki-NG is an open-source, cross-platform operating system for internet of things devices. In versions prior to 4.5, buffer overflow can be triggered by an input packet when using either of Contiki-NG's two RPL implementations in source-routing mode. The problem has been patched in Contiki-NG 4.5. Users can apply the patch for this vulnerability out-of-band as a workaround. Contiki-NG es un sistema operativo de código abierto y multiplataforma para dispositivos del Internet de las cosas. • https://github.com/contiki-ng/contiki-ng/pull/1183 https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-6xf2-77gf-fgjx • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 4%CPEs: 2EXPL: 0CVE-2020-24336
https://notcve.org/view.php?id=CVE-2020-24336
An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arbitrary length, a buffer overflow can occur. This bug can be exploited whenever NAT64 is enabled. Se detectó un problema en Contiki versiones hasta 3.0 y Contiki-NG versiones hasta 4.5. • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 https://www.kb.cert.org/vuls/id/815128 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-13988
https://notcve.org/view.php?id=CVE-2020-13988
An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c. Se detectó un problema en Contiki versiones hasta 3.0. Se presenta un Desbordamiento de Enteros en el componente uIP TCP/IP Stack cuando se analizan las opciones TCP MSS de los paquetes de red IPv4 en la función uip_process en el archivo net/ipv4/uip.c • https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 https://www.kb.cert.org/vuls/id/815128 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2019-9183
https://notcve.org/view.php?id=CVE-2019-9183
An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. A buffer overflow is present due to an integer underflow during 6LoWPAN fragment processing in the face of truncated fragments in os/net/ipv6/sicslowpan.c. This results in accesses of unmapped memory, crashing the application. An attacker can cause a denial-of-service via a crafted 6LoWPAN frame. Se descubrió un problema en Contiki-NG a través de 4.3 y Contiki a través de 3.0. • https://github.com/contiki-ng/contiki-ng/pull/972 https://github.com/contiki-ng/contiki-ng/releases/tag/release%2Fv4.4 https://www.usenix.org/system/files/sec20summer_clements_prepub.pdf • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •