CVE-2018-16525

Name of the Vulnerable Software and Affected Versions Amazon Web Services (AWS) FreeRTOS versions through 1.3.1 FreeRTOS versions up to 10.0.1 WITTENSTEIN WHIS Connect middleware TCP/IP component (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary code or leak information due to a Buffer Overflow that occurs during the parsing of DNS/LLMNR packets in the prvParseDNSReply function.

Recommendations For Amazon Web Services (AWS) FreeRTOS versions through 1.3.1, update to a version later than 1.3.1 to resolve the issue. For FreeRTOS versions up to 10.0.1, update to a version later than 10.0.1 to resolve the issue. For WITTENSTEIN WHIS Connect middleware TCP/IP component, at the moment, there is no information about a newer version that contains a fix for this vulnerability.