PT-2023-23165 · Unknown · Contiki-Ng

Diff-Fusion +2 · Published 2023-05-08 · Updated 2023-05-15 · CVE-2023-31129

CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions
Contiki-NG versions 4.8 and prior

Description
The issue arises from the message handling code for IPv6 router solicitations in Contiki-NG, which contains an implementation of IPv6 Neighbor Discovery (ND) in the module os/net/ipv6/uip-nd6.c. The ND protocol includes a message type called Router Solicitation (RS), used to locate routers and update their address information via the SLLAO (Source Link-Layer Address Option). If the indicated source address changes, a given neighbor entry is set to the STALE state. The message handler does not check for RS messages with an SLLAO that indicates a link-layer address change, leading to the dereference of a NULL pointer of type uip_ds6_nbr_t.

Recommendations
For Contiki-NG versions 4.8 and prior, apply Contiki-NG pull request #2271 to patch the problem directly as a workaround. The problem has been patched in the develop branch of Contiki-NG, and will be included in the upcoming 4.9 release.
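
The defensive pattern for the handler described above, as an added example (not Contiki-NG's code and not the change in pull request #2271): a simplified C model of an RS handler that checks every neighbor pointer before it marks an entry STALE. All names (nbr_t, nbr_lookup, nbr_add, handle_rs_sllao), the table size and the address length are assumptions, and the model assumes the NULL pointer comes from a neighbor lookup or add that can fail, which the page does not spell out.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define LL_LEN 8   /* assumed link-layer address length */
#define NBR_MAX 2  /* tiny table so the "full" path is easy to reach */

enum nbr_state { NBR_FREE = 0, NBR_REACHABLE, NBR_STALE };
enum rs_result { RS_ADDED, RS_UNCHANGED, RS_MARKED_STALE, RS_DROPPED };
typedef struct { uint8_t ip[16]; uint8_t ll[LL_LEN]; enum nbr_state state; } nbr_t;
static nbr_t nbr_table[NBR_MAX];

/* Returns the entry for ip, or NULL when the source is not a known neighbor. */
static nbr_t *nbr_lookup(const uint8_t ip[16]) {
  for (size_t i = 0; i < NBR_MAX; i++) {
    if (nbr_table[i].state != NBR_FREE && memcmp(nbr_table[i].ip, ip, 16) == 0)
      return &nbr_table[i];
  }
  return NULL;
}

/* Creates a STALE entry, or returns NULL when the table is full. */
static nbr_t *nbr_add(const uint8_t ip[16], const uint8_t ll[LL_LEN]) {
  for (size_t i = 0; i < NBR_MAX; i++) {
    if (nbr_table[i].state == NBR_FREE) {
      memcpy(nbr_table[i].ip, ip, 16);
      memcpy(nbr_table[i].ll, ll, LL_LEN);
      nbr_table[i].state = NBR_STALE;
      return &nbr_table[i];
    }
  }
  return NULL;
}

/* Handles an RS that carries an SLLAO; no pointer is dereferenced unchecked. */
enum rs_result handle_rs_sllao(const uint8_t ip[16], const uint8_t *sllao, size_t len) {
  if (sllao == NULL || len < LL_LEN) return RS_DROPPED;  /* malformed option */
  nbr_t *nbr = nbr_lookup(ip);
  if (nbr == NULL)  /* unknown source: add it, and drop the message if that fails */
    return nbr_add(ip, sllao) != NULL ? RS_ADDED : RS_DROPPED;
  if (memcmp(nbr->ll, sllao, LL_LEN) == 0) return RS_UNCHANGED;
  memcpy(nbr->ll, sllao, LL_LEN);  /* link-layer address changed */
  nbr->state = NBR_STALE;
  return RS_MARKED_STALE;
}

int main(void) {  /* constructed sample: one RS from an unknown link-local source */
  const uint8_t ip[16] = {0xfe, 0x80, [15] = 1}, ll[LL_LEN] = {2, 0, 0, 0, 0, 0, 0, 1};
  return handle_rs_sllao(ip, ll, sizeof ll) == RS_ADDED ? 0 : 1;
}
```
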

Exploit · Fix · NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

CVE-2023-31129
GHSA-X29R-5QJG-75MQ

Affected Products

Contiki-Ng