Jerrytesting

**Name of the Vulnerable Software and Affected Versions** Contiki-NG tinyDTLS through master branch 53a0d97 **Description** An issue exists in the handling of a ClientHello handshake message, where an infinite loop bug can be triggered by remote attackers sending a malformed message with an odd length of cipher suites. This results in a denial of service, consuming all resources, and a buffer over-read that can disclose sensitive information. **Recommendations** For Contiki-NG tinyDTLS through master branch 53a0d97, consider disabling the handling of ClientHello handshake messages with odd length cipher suites as a temporary workaround until a patch is available. Restrict access to the tinyDTLS module to minimize the risk of exploitation. Avoid using the `cipher suites` variable in the affected handshake message until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Contiki-NG tinyDTLS versions through master branch 53a0d97 **Description** A buffer over-read issue exists in the `dtls sha256 update` function, allowing remote attackers to cause a denial of service via crafted data packets. This issue affects Contiki-NG tinyDTLS, enabling attackers to disrupt service. **Recommendations** For Contiki-NG tinyDTLS versions through master branch 53a0d97, as a temporary workaround, consider disabling the `dtls sha256 update` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Contiki-NG tinyDTLS through master branch 53a0d97 **Description** An issue was discovered in DTLS servers, allowing remote attackers to reuse the same epoch number within two times the TCP maximum segment lifetime, which is prohibited in RFC6347. This allows remote attackers to obtain sensitive application data of connected clients. **Recommendations** For Contiki-NG tinyDTLS through master branch 53a0d97, consider disabling the DTLS server functionality until a patch is available to prevent remote attackers from reusing the same epoch number and obtaining sensitive application data. Restrict access to the DTLS server to minimize the risk of exploitation. Avoid using the DTLS protocol with the current implementation until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Contiki-NG tinyDTLS through master branch 53a0d97 **Description** An assertion failure in the `check certificate request()` function allows attackers to cause a denial of service. This issue affects Contiki-NG tinyDTLS, enabling attackers to exploit it and disrupt service. **Recommendations** For Contiki-NG tinyDTLS through master branch 53a0d97, as a temporary workaround, consider disabling the `check certificate request()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Contiki-NG tinyDTLS versions through master branch 53a0d97 **Description** The issue allows attackers to obtain sensitive information via crafted input to the `dtls ccm decrypt message()` function. **Recommendations** For Contiki-NG tinyDTLS versions through master branch 53a0d97, consider restricting the input to the `dtls ccm decrypt message()` function to prevent buffer over-read until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Redis versions master-1b8bd86 through master-7b46079 **Description** The issue is related to an ODR violation via the component `hiredisAllocFns` at `/opt/fs/redisraft/deps/hiredis/alloc.c`. This is associated with a buffer overflow in memory, which can be exploited by a remote attacker to cause a denial of service or other impact. **Recommendations** For versions master-1b8bd86 through master-7b46079, as a temporary workaround, consider disabling the `hiredisAllocFns` component until a patch is available. Restrict access to the `/opt/fs/redisraft/deps/hiredis/alloc.c` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Contiki-NG tinyDTLS through master branch 53a0d97 **Description** An issue in DTLS servers allows remote attackers to cause a denial of service and false-positive packet drops due to the mishandling of the early use of a large epoch number. **Recommendations** For Contiki-NG tinyDTLS through master branch 53a0d97, consider implementing measures to handle large epoch numbers correctly in DTLS servers to prevent denial of service and false-positive packet drops. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Contiki-NG tinyDTLS versions through 2018-08-30 **Description** An issue was discovered where one incorrect handshake could complete with different epoch numbers in the packets `Client Hello`, `Client key exchange`, and `Change cipher spec`, which may cause denial of service. **Recommendations** For Contiki-NG tinyDTLS versions through 2018-08-30, consider applying configuration changes to prevent incorrect handshakes with different epoch numbers, such as validating epoch numbers in the `Client Hello`, `Client key exchange`, and `Change cipher spec` packets. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** redis version 7.0.10 **Description** The issue allows attackers to cause a Denial of Service (DoS) via unspecified vectors. It is related to a segmentation violation. **Recommendations** For redis version 7.0.10, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Baidu braft version 1.1.2 **Description** The issue is related to a memory leak due to the use of the new operator in example/atomic/atomic server. Installations with brpc-0.14.0 and later are not affected. **Recommendations** For Baidu braft version 1.1.2, consider updating to a version that includes the fix for the memory leak issue, as installations with brpc-0.14.0 and later are unaffected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Contiki version 3.0 **Description** The issue arises from mishandled Telnet option negotiation between a server and a client. Specifically, the server may fail to provide the necessary WILL/WONT or DO/DONT response for DO and WILL commands due to improper handling of exception conditions. This can lead to property violations and denial of service. The problem occurs because a fixed buffer space is allocated for all responses, and this space may become exhausted, causing the server to send no response. **Recommendations** For Contiki version 3.0, consider implementing proper exception handling for Telnet option negotiations to prevent buffer exhaustion and ensure the server provides the required responses for DO and WILL commands. As a temporary workaround, consider restricting or closely monitoring Telnet negotiations to minimize the risk of denial of service.

**Name of the Vulnerable Software and Affected Versions** Contiki version 3.0 **Description** The issue arises when the Telnet server in Contiki silently quits before disconnecting from clients, causing connected clients to enter an infinite loop and wait indefinitely. This situation may lead to excessive CPU consumption. **Recommendations** For Contiki version 3.0, consider implementing a mechanism to properly handle the disconnection of clients when the Telnet server quits to prevent infinite loops and excessive CPU consumption. As a temporary workaround, consider restricting or disabling the Telnet server functionality until a proper fix is implemented.

**Name of the Vulnerable Software and Affected Versions** Contiki version 3.0 **Description** The issue is related to a buffer overflow in the Telnet service, which can be exploited by remote attackers to cause a denial of service. This occurs because the `ls` command is mishandled when a directory contains many files with long names. **Recommendations** For Contiki version 3.0, consider disabling the Telnet service until a patch is available to prevent potential denial of service attacks. Restrict access to directories with many files to minimize the risk of exploitation. Avoid using the `ls` command in the Telnet service for directories with long file names until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: Contiki version 3.0 Description: The issue exists in the Telnet service of Contiki, where potential nonterminating acknowledgment loops can occur. When negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands. This may lead to infinite acknowledgment loops, denial of service, and excessive CPU consumption. Recommendations: For Contiki version 3.0, as a temporary workaround, consider disabling the Telnet service until a patch is available. Restrict access to the Telnet module to minimize the risk of exploitation. Avoid using the DONT and WONT requests in the affected Telnet service until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.