Unknown · FreeRTOS-Plus-TCP · CVE-2026-7423
**Name of the Vulnerable Software and Affected Versions**
FreeRTOS-Plus-TCP versions prior to V4.4.1
FreeRTOS-Plus-TCP versions prior to V4.2.6
**Description**
An integer underflow exists in the ICMP and ICMPv6 echo reply handlers when outgoing ping support is enabled. The handlers subtract header sizes from a packet length field without first verifying that the field is large enough, which leads to a heap out-of-bounds read of approximately 65 KB. An adjacent network user can exploit this to crash the device, causing a denial of service.
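The length-subtraction pattern described above, shown unchecked and checked, as an added example that is not FreeRTOS-Plus-TCP source code. The function names, the 16-bit length field, the fixed header sizes (IPv4 without options, ICMP echo header) and the `frame_bytes` parameter are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed sizes: IPv4 header without options, ICMP echo header. */
#define IPV4_HDR_LEN      20u
#define ICMP_ECHO_HDR_LEN 8u

/* Unchecked pattern: the subtraction wraps when the declared length is
 * smaller than the headers, e.g. 20 - 28 becomes 65528 in 16 bits. */
static uint16_t echo_payload_len_unchecked(uint16_t ip_total_len)
{
    return (uint16_t)(ip_total_len - IPV4_HDR_LEN - ICMP_ECHO_HDR_LEN);
}

/* Checked pattern: returns 0 and stores the payload length in *out, or
 * returns -1 when the packet must be dropped. frame_bytes is the number
 * of bytes actually held in the buffer, counted from the IP header. */
static int echo_payload_len_checked(uint16_t ip_total_len, size_t frame_bytes,
                                    uint16_t *out)
{
    const size_t hdrs = IPV4_HDR_LEN + ICMP_ECHO_HDR_LEN;

    if (out == NULL)
        return -1;
    if (ip_total_len < hdrs)          /* subtraction would underflow */
        return -1;
    if (ip_total_len > frame_bytes)   /* field claims more than was received */
        return -1;
    *out = (uint16_t)(ip_total_len - hdrs);
    return 0;
}

int main(void)
{
    /* Constructed inputs: declared IP length, bytes in the buffer. */
    const struct { uint16_t len; size_t have; } cases[] = {
        { 60, 64 }, { 28, 28 }, { 20, 64 }, { 100, 64 },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        uint16_t n = 0;
        int rc = echo_payload_len_checked(cases[i].len, cases[i].have, &n);
        printf("len=%u unchecked=%u checked=%s", (unsigned)cases[i].len,
               (unsigned)echo_payload_len_unchecked(cases[i].len),
               rc == 0 ? "ok" : "drop");
        if (rc == 0) printf(" payload=%u", (unsigned)n);
        printf("\n");
    }
    return 0;
}
```

The second check matters as much as the first: a length field that passes the minimum-size test can still claim more bytes than the buffer holds.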
**Recommendations**
Upgrade to version V4.4.1 or later.
Upgrade to version V4.2.6 or later.