PT-2020-15688 · Alcatel Lucent · Picotcp-Ng+1
Published 2020-12-11 · Updated 2020-12-14 · CVE-2020-24337
CVSS v3.1: 7.5 (High)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
picoTCP and picoTCP-NG versions through 1.7.0
Description
The issue allows a Denial-of-Service by causing an infinite loop in the code that parses TCP options, specifically in the tcp_parse_options() function in pico_tcp.c, when an unsupported TCP option with zero length is provided in an incoming TCP packet.
Recommendations
For picoTCP and picoTCP-NG versions through 1.7.0, consider disabling the tcp_parse_options() function as a temporary workaround until a patch is available. Restrict access to the TCP parsing module to minimize the risk of exploitation. Avoid using unsupported TCP options with zero length in incoming TCP packets until the issue is resolved.
Fix
Infinite Loop
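The failure mode described above, as an added illustration that is not picoTCP's code and not the project's fix: a small, hypothetical TCP option walker in C. Every option kind other than EOL and NOP carries a length byte that counts the kind and length bytes themselves, so a declared length below 2 can never be valid; a parser that skips an unsupported option by its declared length without checking this advances the cursor by zero bytes and re-reads the same option forever. The parser below rejects such input (and options that run past the end of the block) instead of looping. The option kind constants are the standard IANA values; the function names and the sample byte sequences are constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical TCP option parser (example code, not picoTCP's tcp_parse_options()). */
#define TCPOPT_EOL 0   /* end of option list, single byte */
#define TCPOPT_NOP 1   /* no-operation padding, single byte */
#define TCPOPT_MSS 2   /* maximum segment size, length 4 */
#define TCPOPT_WS  3   /* window scale, length 3 */

struct tcp_opts {
    uint16_t mss;     /* 0 if absent */
    uint8_t  wscale;  /* 0 if absent */
};

/* Walks the option block once. Returns the number of options consumed,
 * or -1 if the block is malformed. The olen < 2 check is the point:
 * a zero (or one) length would advance the cursor by 0 (or 1) bytes and
 * re-read the same bytes indefinitely, so it is rejected up front. */
int parse_tcp_options(const uint8_t *opts, size_t len, struct tcp_opts *out)
{
    size_t i = 0;
    int count = 0;
    out->mss = 0;
    out->wscale = 0;

    while (i < len) {
        uint8_t kind = opts[i];
        if (kind == TCPOPT_EOL)
            break;
        if (kind == TCPOPT_NOP) {
            i++;
            count++;
            continue;
        }
        if (i + 1 >= len)
            return -1;                 /* kind present but length byte missing */
        uint8_t olen = opts[i + 1];
        if (olen < 2)
            return -1;                 /* zero/one length: no forward progress possible */
        if (olen > len - i)
            return -1;                 /* option would run past the end of the block */

        switch (kind) {
        case TCPOPT_MSS:
            if (olen != 4) return -1;
            out->mss = (uint16_t)((opts[i + 2] << 8) | opts[i + 3]);
            break;
        case TCPOPT_WS:
            if (olen != 3) return -1;
            out->wscale = opts[i + 2];
            break;
        default:
            /* unsupported kind: skip it using its already validated length */
            break;
        }
        i += olen;
        count++;
    }
    return count;
}

/* Constructed sample inputs (not captured traffic). */
static const uint8_t good_opts[] = { 2, 4, 0x05, 0xB4, 1, 3, 3, 7 }; /* MSS 1460, NOP, WS 7 */
static const uint8_t zero_len_opts[] = { 1, 0x1F, 0, 0, 0 };          /* NOP, unknown kind 31 with length 0 */
static const uint8_t truncated_opts[] = { 2, 4, 0x05 };               /* MSS option cut short */

int demo_good_count(void)  { struct tcp_opts o; return parse_tcp_options(good_opts, sizeof good_opts, &o); }
int demo_good_mss(void)    { struct tcp_opts o; parse_tcp_options(good_opts, sizeof good_opts, &o); return o.mss; }
int demo_good_wscale(void) { struct tcp_opts o; parse_tcp_options(good_opts, sizeof good_opts, &o); return o.wscale; }
int demo_zero_len(void)    { struct tcp_opts o; return parse_tcp_options(zero_len_opts, sizeof zero_len_opts, &o); }
int demo_truncated(void)   { struct tcp_opts o; return parse_tcp_options(truncated_opts, sizeof truncated_opts, &o); }

int main(void)
{
    printf("well-formed: %d options, mss=%d, wscale=%d\n",
           demo_good_count(), demo_good_mss(), demo_good_wscale());
    printf("zero-length unknown option: %d (rejected, no hang)\n", demo_zero_len());
    printf("truncated option: %d (rejected)\n", demo_truncated());
    return 0;
}
```

The well-formed block yields three options with MSS 1460 and window scale 7; the block containing an unknown kind with length 0 and the truncated MSS option both return -1 on the first pass rather than stalling the receive path. A stack that validates the length before using it as the skip distance, and bounds the whole option region by the TCP data offset, cannot be held in this loop by a single crafted segment.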
Weakness Enumeration
Related Identifiers
Affected Products
Picotcp
Picotcp-Ng