Sign-up

ID

VAR-202301-2075


CVE

CVE-2023-23609


TITLE

Contiki-NG  Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2023-002984

DESCRIPTION

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to and including 4.8 are vulnerable to an out-of-bounds write that can occur in the BLE-L2CAP module. The Bluetooth Low Energy - Logical Link Control and Adaptation Layer Protocol (BLE-L2CAP) module handles fragmentation of packets up the configured MTU size. When fragments are reassembled, they are stored in a packet buffer of a configurable size, but there is no check to verify that the packet buffer is large enough to hold the reassembled packet. In Contiki-NG's default configuration, it is possible that an out-of-bounds write of up to 1152 bytes occurs. The vulnerability has been patched in the "develop" branch of Contiki-NG, and will be included in release 4.9. The problem can be fixed by applying the patch in Contiki-NG pull request #2254 prior to the release of version 4.9. Contiki-NG Exists in an out-of-bounds write vulnerability.Information may be tampered with

Trust: 2.25

sources: NVD: CVE-2023-23609 // JVNDB: JVNDB-2023-002984 // CNNVD: CNNVD-202301-2003 // VULMON: CVE-2023-23609

AFFECTED PRODUCTS

vendor:contiki ngmodel:contiki-ngscope:lteversion:4.8

Trust: 1.0

vendor:contiki ngmodel:contiki-ngscope:lteversion:4.8 and earlier

Trust: 0.8

vendor:contiki ngmodel:contiki-ngscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2023-002984 // NVD: CVE-2023-23609

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2023-23609
value: HIGH

Trust: 1.0

security-advisories@github.com: CVE-2023-23609
value: HIGH

Trust: 1.0

NVD: CVE-2023-23609
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202301-2003
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2023-23609
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 4.0
version: 3.1

Trust: 1.0

security-advisories@github.com: CVE-2023-23609
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:L
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: LOW
exploitabilityScore: 2.8
impactScore: 4.7
version: 3.1

Trust: 1.0

NVD: CVE-2023-23609
baseSeverity: HIGH
baseScore: 7.4
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-002984 // CNNVD: CNNVD-202301-2003 // NVD: CVE-2023-23609 // NVD: CVE-2023-23609

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-002984 // NVD: CVE-2023-23609

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202301-2003

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202301-2003

PATCH

title:Check available packetbuf space before writing to it in ble-l2cap #2254 GitHuburl:https://github.com/contiki-ng/contiki-ng/pull/2254

Trust: 0.8

title:Contiki-NG Buffer error vulnerability fixurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=223365

Trust: 0.6

sources: JVNDB: JVNDB-2023-002984 // CNNVD: CNNVD-202301-2003

EXTERNAL IDS

db:NVDid:CVE-2023-23609

Trust: 3.3

db:JVNDBid:JVNDB-2023-002984

Trust: 0.8

db:CNNVDid:CNNVD-202301-2003

Trust: 0.6

db:VULMONid:CVE-2023-23609

Trust: 0.1

sources: VULMON: CVE-2023-23609 // JVNDB: JVNDB-2023-002984 // CNNVD: CNNVD-202301-2003 // NVD: CVE-2023-23609

REFERENCES

url:https://github.com/contiki-ng/contiki-ng/security/advisories/ghsa-qr4q-6h3m-h3g7

Trust: 1.7

url:https://github.com/contiki-ng/contiki-ng/pull/2254

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2023-23609

Trust: 1.4

url:https://cxsecurity.com/cveshow/cve-2023-23609/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/787.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2023-23609 // JVNDB: JVNDB-2023-002984 // CNNVD: CNNVD-202301-2003 // NVD: CVE-2023-23609

SOURCES

db:VULMONid:CVE-2023-23609
db:JVNDBid:JVNDB-2023-002984
db:CNNVDid:CNNVD-202301-2003
db:NVDid:CVE-2023-23609

LAST UPDATE DATE

2024-08-14T15:05:55.332000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2023-23609date:2023-01-27T00:00:00
db:JVNDBid:JVNDB-2023-002984date:2023-08-28T07:12:00
db:CNNVDid:CNNVD-202301-2003date:2023-02-08T00:00:00
db:NVDid:CVE-2023-23609date:2023-02-07T19:59:57.987

SOURCES RELEASE DATE

db:VULMONid:CVE-2023-23609date:2023-01-26T00:00:00
db:JVNDBid:JVNDB-2023-002984date:2023-08-28T00:00:00
db:CNNVDid:CNNVD-202301-2003date:2023-01-26T00:00:00
db:NVDid:CVE-2023-23609date:2023-01-26T21:18:14.100