PT-2018-13683 · Contiki Ng · Contiki-Ng
Published
2018-09-07
·
Updated
2019-10-03
·
CVE-2018-16667
CVSS v3.1
7.0
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Contiki-NG versions prior to 4.2
Description
A buffer over-read issue was discovered in the lookup function within the os/storage/antelope/lvm.c file. This issue occurs while parsing AQL and involves functions such as
lvm register variable, lvm set variable value, create intersection, and create union.Recommendations
For Contiki-NG versions prior to 4.2, update to version 4.2 or later to resolve the issue.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Contiki-Ng