PT-2023-19807 · Riot-Os · Riot-Os

Diff-Fusion

·

Publicado

2023-05-30

·

Atualizado

2023-06-07

·

CVE-2023-24825

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions RIOT-OS versions prior to 2023.04
Description The issue affects the network stack of RIOT-OS, specifically its ability to process 6LoWPAN frames. An attacker can send a crafted frame to trigger a NULL pointer dereference, leading to denial of service. There are no known workarounds for this issue.
Recommendations For versions prior to 2023.04, update to version 2023.04 to resolve the issue.

Exploit

Correção

Unchecked Return Value

NULL Pointer Dereference

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-252CWE-476

Identificadores relacionados

CVE-2023-24825
GHSA-XQM8-XJ74-FJW2

Produtos afetados

Riot-Os