ID

VAR-202012-0485


CVE

CVE-2020-24336


TITLE

Embedded TCP/IP stacks have memory corruption vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#815128

DESCRIPTION

An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arbitrary length, a buffer overflow can occur. This bug can be exploited whenever NAT64 is enabled. Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices, have several vulnerabilities stemming from improper memory management. These vulnerabilities are also tracked as ICS-VU-633937 and JVNVU#96491057 as well as the name AMNESIA:33.CVE-2020-13984 Not Affected CVE-2020-13985 Affected CVE-2020-13986 Affected CVE-2020-13987 Affected CVE-2020-13988 Affected CVE-2020-17437 Affected CVE-2020-17438 Affected CVE-2020-17439 Affected CVE-2020-17440 Affected CVE-2020-17441 Not Affected CVE-2020-17442 Not Affected CVE-2020-17443 Not Affected CVE-2020-17444 Not Affected CVE-2020-17445 Not Affected CVE-2020-17467 Not Affected CVE-2020-17468 Not Affected CVE-2020-17469 Not Affected CVE-2020-17470 Not Affected CVE-2020-24334 Affected CVE-2020-24335 Not Affected CVE-2020-24336 Affected CVE-2020-24337 Not Affected CVE-2020-24338 Not Affected CVE-2020-24339 Not Affected CVE-2020-24340 Not Affected CVE-2020-24341 Not Affected CVE-2020-24383 Not Affected CVE-2020-25107 Not Affected CVE-2020-25108 Not Affected CVE-2020-25109 Not Affected CVE-2020-25110 Not Affected CVE-2020-25111 Not Affected CVE-2020-25112 Not Affected CVE-2021-28362 Not AffectedCVE-2020-13984 Not Affected CVE-2020-13985 Affected CVE-2020-13986 Affected CVE-2020-13987 Affected CVE-2020-13988 Affected CVE-2020-17437 Affected CVE-2020-17438 Affected CVE-2020-17439 Affected CVE-2020-17440 Affected CVE-2020-17441 Not Affected CVE-2020-17442 Not Affected CVE-2020-17443 Not Affected CVE-2020-17444 Not Affected CVE-2020-17445 Not Affected CVE-2020-17467 Not Affected CVE-2020-17468 Not Affected CVE-2020-17469 Not Affected CVE-2020-17470 Not Affected CVE-2020-24334 Affected CVE-2020-24335 Not Affected CVE-2020-24336 Affected CVE-2020-24337 Not Affected CVE-2020-24338 Not Affected CVE-2020-24339 Not Affected CVE-2020-24340 Not Affected CVE-2020-24341 Not Affected CVE-2020-24383 Not Affected CVE-2020-25107 Not Affected CVE-2020-25108 Not Affected CVE-2020-25109 Not Affected CVE-2020-25110 Not Affected CVE-2020-25111 Not Affected CVE-2020-25112 Not Affected CVE-2021-28362 Not Affected. Contiki is an open source cross-platform operating system for IoT (Internet of Things) devices. Contiki-NG is an open source cross-platform operating system for next-generation IoT (Internet of Things) devices. Contiki-NG and Contiki have a buffer error vulnerability. The vulnerability stems from the fact that the function that parses the DNS record in the DNS response packet sent through NAT64 does not verify the length field of the response record, allowing an attacker to destroy the memory. An issue exists in Contiki up to and including 3.0 and Contiki-NG up to and including 4.5

Trust: 2.25

sources: NVD: CVE-2020-24336 // CERT/CC: VU#815128 // CNNVD: CNNVD-202012-644 // VULMON: CVE-2020-24336

AFFECTED PRODUCTS

vendor:contiki osmodel:contikiscope:lteversion:3.0

Trust: 1.0

vendor:contiki ngmodel:contiki-ngscope:lteversion:4.5

Trust: 1.0

sources: NVD: CVE-2020-24336

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-24336
value: CRITICAL

Trust: 1.0

CNNVD: CNNVD-202012-644
value: CRITICAL

Trust: 0.6

VULMON: CVE-2020-24336
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2020-24336
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

nvd@nist.gov: CVE-2020-24336
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULMON: CVE-2020-24336 // CNNVD: CNNVD-202012-644 // NVD: CVE-2020-24336

PROBLEMTYPE DATA

problemtype:CWE-120

Trust: 1.0

sources: NVD: CVE-2020-24336

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202012-644

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202012-644

PATCH

title:Brocade Security Advisories: Access Denied Access Deniedurl:https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories&qid=54887b0d314c8021dc2d190abfce740d

Trust: 0.1

sources: VULMON: CVE-2020-24336

EXTERNAL IDS

db:NVDid:CVE-2020-24336

Trust: 2.5

db:CERT/CCid:VU#815128

Trust: 2.5

db:ICS CERTid:ICSA-20-343-01

Trust: 1.7

db:AUSCERTid:ESB-2020.4363

Trust: 0.6

db:CNNVDid:CNNVD-202012-644

Trust: 0.6

db:VULMONid:CVE-2020-24336

Trust: 0.1

sources: CERT/CC: VU#815128 // VULMON: CVE-2020-24336 // CNNVD: CNNVD-202012-644 // NVD: CVE-2020-24336

REFERENCES

url:https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01

Trust: 1.7

url:https://www.kb.cert.org/vuls/id/815128

Trust: 1.7

url:cve-2020-13984

Trust: 0.8

url:cve-2020-13985

Trust: 0.8

url:cve-2020-13986

Trust: 0.8

url:cve-2020-13987

Trust: 0.8

url:cve-2020-13988

Trust: 0.8

url:cve-2020-17437

Trust: 0.8

url:cve-2020-17438

Trust: 0.8

url:cve-2020-17439

Trust: 0.8

url:cve-2020-17440

Trust: 0.8

url:cve-2020-17441

Trust: 0.8

url:cve-2020-17442

Trust: 0.8

url:cve-2020-17443

Trust: 0.8

url:cve-2020-17444

Trust: 0.8

url:cve-2020-17445

Trust: 0.8

url:cve-2020-17467

Trust: 0.8

url:cve-2020-17468

Trust: 0.8

url:cve-2020-17469

Trust: 0.8

url:cve-2020-17470

Trust: 0.8

url:cve-2020-24334

Trust: 0.8

url:cve-2020-24335

Trust: 0.8

url:cve-2020-24336

Trust: 0.8

url:cve-2020-24337

Trust: 0.8

url:cve-2020-24338

Trust: 0.8

url:cve-2020-24339

Trust: 0.8

url:cve-2020-24340

Trust: 0.8

url:cve-2020-24341

Trust: 0.8

url:cve-2020-24383

Trust: 0.8

url:cve-2020-25107

Trust: 0.8

url:cve-2020-25108

Trust: 0.8

url:cve-2020-25109

Trust: 0.8

url:cve-2020-25110

Trust: 0.8

url:cve-2020-25111

Trust: 0.8

url:cve-2020-25112

Trust: 0.8

url:cve-2021-28362

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2020-24336

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.4363/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/120.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://support.broadcom.com/external/content/securityadvisories/0/21596

Trust: 0.1

sources: CERT/CC: VU#815128 // VULMON: CVE-2020-24336 // CNNVD: CNNVD-202012-644 // NVD: CVE-2020-24336

CREDITS

This document was written by Vijay Sarvepalli.Statement Date:   December 08, 2020

Trust: 0.8

sources: CERT/CC: VU#815128

SOURCES

db:CERT/CCid:VU#815128
db:VULMONid:CVE-2020-24336
db:CNNVDid:CNNVD-202012-644
db:NVDid:CVE-2020-24336

LAST UPDATE DATE

2024-11-23T21:28:55.591000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#815128date:2021-05-11T00:00:00
db:VULMONid:CVE-2020-24336date:2020-12-15T00:00:00
db:CNNVDid:CNNVD-202012-644date:2020-12-16T00:00:00
db:NVDid:CVE-2020-24336date:2024-11-21T05:14:36.863

SOURCES RELEASE DATE

db:CERT/CCid:VU#815128date:2020-12-08T00:00:00
db:VULMONid:CVE-2020-24336date:2020-12-11T00:00:00
db:CNNVDid:CNNVD-202012-644date:2020-12-08T00:00:00
db:NVDid:CVE-2020-24336date:2020-12-11T23:15:13.870