PT-2020-5602 · Contiki+5 · Contiki+5

Published

2020-12-01

Updated

2024-05-22

CVE-2020-13987

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Contiki versions through 3.0

Description An issue exists in the uIP TCP/IP Stack component of Contiki when calculating the checksums for IP packets in the upper layer chksum function in net/ipv4/uip.c, leading to an Out-of-Bounds Read. This can allow a remote attacker to cause a denial of service.

Recommendations For Contiki versions through 3.0, as a temporary workaround, consider restricting access to the upper layer chksum function in net/ipv4/uip.c until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALT-PU-2021-4852

BDU:2021-01237

CVE-2020-13987

SUSE-RU-2021:1517-1

SUSE-SU-2021:0663-1

SUSE-SU-2021:1164-1

SUSE-SU-2021_0663-1

SUSE-SU-2021_1164-1

SUSE-SU-2022:2806-1

SUSE-SU-2022_2806-1

USN-6259-1

Affected Products

Alt Linux

Astra Linux

Contiki

Linuxmint

Suse

Ubuntu

PT-2020-5602 · Contiki+5 · Contiki+5

CVE-2020-13987

Weakness Enumeration

Related Identifiers

Affected Products

References · 40