PT-2020-14993 · Altran Intelligent Systems · Picotcp

Published

2020-12-11

Updated

2021-07-21

CVE-2020-17444

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions picoTCP version 1.7.0

Description An issue in picoTCP leads to a Denial-of-Service. The routine for processing the next header field does not check whether the header extension length field would overflow. If it wraps around to zero, iterating through the extension headers will not increment the current data pointer, resulting in an infinite loop in the pico ipv6 check headers sequence() function in pico ipv6.c.

Recommendations For picoTCP version 1.7.0, consider applying a patch that checks for potential overflows in the header extension length field to prevent infinite loops. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Overflow

Infinite Loop

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190CWE-835CWE-20

Related Identifiers

CVE-2020-17444

Affected Products

Picotcp

PT-2020-14993 · Altran Intelligent Systems · Picotcp

CVE-2020-17444

Weakness Enumeration

Related Identifiers

Affected Products

References · 4