CVE-2020-11897

Name of the Vulnerable Software and Affected Versions Treck TCP/IP stack versions prior to 5.0.1.35

Description The issue is related to an out-of-bounds write in the implementation of the IPv6 protocol stack. This can be exploited by a remote attacker using multiple malformed IPv6 packets, potentially affecting the confidentiality, integrity, and availability of protected information.

Recommendations For versions prior to 5.0.1.35, update to version 5.0.1.35 or later to resolve the issue. As a temporary workaround, consider restricting access to the IPv6 protocol stack until a patch is available. Avoid using the Treck TCP/IP stack with untrusted IPv6 packets until the issue is resolved.