CVE-2018-16601

Name of the Vulnerable Software and Affected Versions Amazon Web Services (AWS) FreeRTOS versions through 1.3.1 FreeRTOS versions up to 10.0.1 WITTENSTEIN WHIS Connect middleware TCP/IP component (affected versions not specified)

Description A crafted IP header can trigger a full memory space copy in the prvProcessIPPacket function, leading to denial of service and possibly remote code execution.

Recommendations For Amazon Web Services (AWS) FreeRTOS versions through 1.3.1, update to a version later than 1.3.1 to resolve the issue. For FreeRTOS versions up to 10.0.1, update to a version later than 10.0.1 to resolve the issue. For WITTENSTEIN WHIS Connect middleware TCP/IP component, at the moment, there is no information about a newer version that contains a fix for this vulnerability.