CVE-2019-17389

Name of the Vulnerable Software and Affected Versions RIOT version 2019.07

Description The MQTT-SN implementation in RIOT mishandles errors during a read operation on a UDP socket, causing the receive loop to end. This allows an attacker to prevent a RIOT MQTT-SN client from working until the device is restarted by sending a large packet.

Recommendations For RIOT version 2019.07, consider restarting the device after encountering the issue as a temporary workaround until a patch is available.