CVE-2020-17438

Name of the Vulnerable Software and Affected Versions uIP version 1.0 Contiki versions 3.0

Description The issue is related to the reassembly of fragmented packets, where the code fails to properly validate the total length of an incoming packet and the fragmentation offset value in the IP header. This can be exploited by crafting a packet with specific IP header length and fragmentation offset values, allowing attackers to write into the .bss section of the program and cause a denial of service in uip reass() in uip.c, or possibly execute arbitrary code on some target architectures.

Recommendations For uIP version 1.0, consider disabling the uip reass() function until a patch is available to prevent potential exploitation. For Contiki versions 3.0, restrict access to the uip.c module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.