PT-2021-3976 · Hcc · Hcc Nichestack

Published 2021-05-28 · Updated 2022-07-12 · CVE-2020-35683

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

HCC Nichestack version 3.0

Description

The code that parses ICMP packets relies on an unchecked value of the IP payload size to compute the ICMP checksum. When the IP payload size is set to be smaller than the size of the IP header, the ICMP checksum computation function may read out of bounds, causing a denial of service. The vulnerability stems from insufficient input validation in the ICMP checksum function.

Recommendations

For HCC Nichestack version 3.0, as a temporary workaround, consider disabling the ICMP checksum computation function until a patch is available. Restrict access to the ICMP packet parsing module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
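
The length checks whose absence the description points to, as an added example (not NicheStack code). It assumes the ICMP length is derived as IP total length minus IP header length; `icmp_validate`, `inet_cksum` and the sample packet are hypothetical names and constructed data, and the IP header checksum is not verified here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* RFC 1071 Internet checksum over exactly len bytes; 0 means "verifies". */
static uint16_t inet_cksum(const uint8_t *p, size_t len)
{
    uint32_t sum = 0;
    for (; len > 1; p += 2, len -= 2)
        sum += ((uint32_t)p[0] << 8) | p[1];
    if (len)
        sum += (uint32_t)p[0] << 8;
    while (sum >> 16)
        sum = (sum & 0xffffu) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Hypothetical helper: -1 = drop (inconsistent lengths), 0 = bad checksum, 1 = ok.
 * cap_len is the number of bytes actually held in the receive buffer. */
int icmp_validate(const uint8_t *pkt, size_t cap_len)
{
    if (cap_len < 20 || (pkt[0] >> 4) != 4)
        return -1;
    size_t hlen  = (size_t)(pkt[0] & 0x0f) * 4;       /* IHL in bytes */
    size_t total = ((size_t)pkt[2] << 8) | pkt[3];    /* IP total length */
    if (hlen < 20 || hlen > cap_len)
        return -1;
    if (total < hlen)      /* advisory case (assumed form): total - hlen would wrap */
        return -1;
    if (total > cap_len)   /* header claims more data than was received */
        return -1;
    size_t icmp_len = total - hlen;                   /* safe: total >= hlen */
    if (icmp_len < 8)      /* shorter than an ICMP header */
        return -1;
    return inet_cksum(pkt + hlen, icmp_len) == 0;
}

/* Constructed sample: ICMP echo request, 192.0.2.1 -> 192.0.2.2. */
static const uint8_t sample_echo[28] = {
    0x45,0x00,0x00,0x1c, 0x00,0x01,0x00,0x00, 0x40,0x01,0x00,0x00,
    0xc0,0x00,0x02,0x01, 0xc0,0x00,0x02,0x02,
    0x08,0x00,0xf7,0xfd, 0x00,0x01,0x00,0x01 };

int main(void)
{
    uint8_t bad[28];
    for (size_t i = 0; i < sizeof bad; i++) bad[i] = sample_echo[i];
    bad[2] = 0x00; bad[3] = 0x0a;   /* total length 10 < header length 20 */
    printf("valid=%d short_total=%d\n",
           icmp_validate(sample_echo, sizeof sample_echo),
           icmp_validate(bad, sizeof bad));
    return 0;
}
```
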

RCE

Out of bounds Read


Weakness Enumeration

Related Identifiers

BDU:2021-04495
CVE-2020-35683

Affected Products

Hcc Nichestack