CVE-2018-16600

Name of the Vulnerable Software and Affected Versions Amazon Web Services (AWS) FreeRTOS versions through 1.3.1 FreeRTOS versions up to V10.0.1 WITTENSTEIN WHIS Connect middleware TCP/IP component (affected versions not specified)

Description The issue is related to out of bounds memory access during the parsing of ARP packets in the eARPProcessPacket function, which can be used for information disclosure.

Recommendations For Amazon Web Services (AWS) FreeRTOS versions through 1.3.1, update to a version later than 1.3.1 to resolve the issue. For FreeRTOS versions up to V10.0.1, update to a version later than V10.0.1 to resolve the issue. For WITTENSTEIN WHIS Connect middleware TCP/IP component, at the moment, there is no information about a newer version that contains a fix for this vulnerability.