CVE-2021-27698

Name of the Vulnerable Software and Affected Versions: RIOT-OS version 2021.01

Description: The issue is related to a buffer overflow in the parse options() function, located in the /sys/net/gnrc/routing/rpl/gnrc rpl control messages.c file.

Recommendations: For RIOT-OS version 2021.01, consider disabling the parse options() function as a temporary workaround until a patch is available. Restrict access to the /sys/net/gnrc/routing/rpl/gnrc rpl control messages.c module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.