Silentdawn

**Name of the Vulnerable Software and Affected Versions** lwIP versions 2.1.2 and git head version **Description** A buffer overflow vulnerability in the `zepif linkoutput()` function allows attackers to access sensitive information via a crafted 6LoWPAN packet. The issue is related to the lack of input validation during buffer copying, enabling a remote attacker to exploit the vulnerability and gain access to confidential data. **Recommendations** For lwIP version 2.1.2, consider disabling the `zepif linkoutput()` function until a patch is available. For lwIP git head version, consider disabling the `zepif linkoutput()` function until a patch is available. As a temporary workaround, restrict the use of crafted 6LoWPAN packets to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** lwIP version git head **Description** A buffer overflow vulnerability in the `icmp6 send response with addrs and netif()` function allows attackers to access sensitive information via a crafted ICMPv6 packet. The issue is related to the copying of a buffer without checking the input data, which can be exploited by a remote attacker to gain access to confidential data. **Recommendations** As a temporary workaround, consider disabling the `icmp6 send response with addrs and netif()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Real Time Engineers FreeRTOS+FAT version 160919a **Description** The issue is related to a use after free error. The function `FF Close()` is defined in the file `ff file.c`. The file handler `pxFile` is freed by `ffconfigFREE`, which by default is a macro definition of `vPortFree()`. However, the freed `pxFile` is reused to flush modified file content from the cache to disk by the function `FF FlushCache()`. **Recommendations** For Real Time Engineers FreeRTOS+FAT version 160919a, consider disabling the `FF FlushCache()` function until a patch is available to prevent the reuse of the freed `pxFile` handler. Restrict access to the `ff file.c` module to minimize the risk of exploitation. Avoid using the `pxFile` handler in the affected `FF Close()` function until the issue is resolved.