CVE-2026-22213

Name of the Vulnerable Software and Affected Versions RIOT OS versions up to and including 2026.01-devel-317

Description RIOT OS versions up to and including 2026.01-devel-317 have a stack-based buffer overflow issue in the tapslip6 utility. This is due to unsafe string concatenation within the devopen() function. The utility utilizes strcpy() and strcat() to combine a fixed prefix '/dev/' with a user-provided device name from the -s command-line option without sufficient bounds checking. An attacker can provide a device name that is excessively long, causing a stack buffer overflow, which can lead to process crashes and memory corruption.

Recommendations Update to a version of RIOT OS newer than 2026.01-devel-317.