Details of VAR-202306-0765

ID

VAR-202306-0765

CVE

CVE-2023-34100

TITLE

Contiki-NG Out-of-bounds read vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2023-008579

DESCRIPTION

Contiki-NG is an open-source, cross-platform operating system for IoT devices. When reading the TCP MSS option value from an incoming packet, the Contiki-NG OS does not verify that certain buffer indices to read from are within the bounds of the IPv6 packet buffer, uip_buf. In particular, there is a 2-byte buffer read in the module os/net/ipv6/uip6.c. The buffer is indexed using 'UIP_IPTCPH_LEN + 2 + c' and 'UIP_IPTCPH_LEN + 3 + c', but the uip_buf buffer may not have enough data, resulting in a 2-byte read out of bounds. The problem has been patched in the "develop" branch of Contiki-NG, and is expected to be included in release 4.9. Users are advised to watch for the 4.9 release and to upgrade when it becomes available. There are no workarounds for this vulnerability aside from manually patching with the diff in commit `cde4e9839`. Contiki-NG Exists in an out-of-bounds read vulnerability.Information is obtained and service operation is interrupted (DoS) It may be in a state

Trust: 2.25

sources: NVD: CVE-2023-34100 // JVNDB: JVNDB-2023-008579 // CNNVD: CNNVD-202306-721 // VULMON: CVE-2023-34100

AFFECTED PRODUCTS

vendor:	contiki ng	model:	contiki-ng	scope:	lte	version:	4.8	Trust: 1.0
vendor:	contiki ng	model:	contiki-ng	scope:	-	version:	-	Trust: 0.8
vendor:	contiki ng	model:	contiki-ng	scope:	lte	version:	4.8 and earlier	Trust: 0.8
vendor:	contiki ng	model:	contiki-ng	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2023-008579 // NVD: CVE-2023-34100

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2023-34100
value:	MEDIUM
Trust: 1.0
security-advisories@github.com:	CVE-2023-34100
value:	HIGH
Trust: 1.0
NVD:	CVE-2023-34100
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202306-721
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2023-34100
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	2.5
version:	3.1
Trust: 1.0
security-advisories@github.com:	CVE-2023-34100
baseSeverity:	HIGH
baseScore:	7.3
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	3.9
impactScore:	3.4
version:	3.1
Trust: 1.0
NVD:	CVE-2023-34100
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2023-008579 // CNNVD: CNNVD-202306-721 // NVD: CVE-2023-34100 // NVD: CVE-2023-34100

PROBLEMTYPE DATA

problemtype:	CWE-125	Trust: 1.0
problemtype:	Out-of-bounds read (CWE-125) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-008579 // NVD: CVE-2023-34100

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202306-721

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202306-721

PATCH

title:

Contiki-NG Buffer error vulnerability fix

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=242485

Trust: 0.6

sources: CNNVD: CNNVD-202306-721

EXTERNAL IDS

db:	NVD	id:	CVE-2023-34100	Trust: 3.3
db:	JVNDB	id:	JVNDB-2023-008579	Trust: 0.8
db:	CNNVD	id:	CNNVD-202306-721	Trust: 0.6
db:	VULMON	id:	CVE-2023-34100	Trust: 0.1

sources: VULMON: CVE-2023-34100 // JVNDB: JVNDB-2023-008579 // CNNVD: CNNVD-202306-721 // NVD: CVE-2023-34100

REFERENCES

url:	https://github.com/contiki-ng/contiki-ng/security/advisories/ghsa-3v7c-jq9x-cmph	Trust: 2.5
url:	https://github.com/contiki-ng/contiki-ng/pull/2434/commits/cde4e98398a2f5b994972c8459342af3ba93b98e	Trust: 2.5
url:	https://nvd.nist.gov/vuln/detail/cve-2023-34100	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2023-34100/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/125.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2023-34100 // JVNDB: JVNDB-2023-008579 // CNNVD: CNNVD-202306-721 // NVD: CVE-2023-34100

SOURCES

db:	VULMON	id:	CVE-2023-34100
db:	JVNDB	id:	JVNDB-2023-008579
db:	CNNVD	id:	CNNVD-202306-721
db:	NVD	id:	CVE-2023-34100

LAST UPDATE DATE

2024-08-14T15:05:36.951000+00:00

SOURCES UPDATE DATE

db:	VULMON	id:	CVE-2023-34100	date:	2023-06-09T00:00:00
db:	JVNDB	id:	JVNDB-2023-008579	date:	2023-12-01T08:14:00
db:	CNNVD	id:	CNNVD-202306-721	date:	2023-06-25T00:00:00
db:	NVD	id:	CVE-2023-34100	date:	2023-06-21T13:18:46.317

SOURCES RELEASE DATE

db:	VULMON	id:	CVE-2023-34100	date:	2023-06-09T00:00:00
db:	JVNDB	id:	JVNDB-2023-008579	date:	2023-12-01T00:00:00
db:	CNNVD	id:	CNNVD-202306-721	date:	2023-06-09T00:00:00
db:	NVD	id:	CVE-2023-34100	date:	2023-06-09T18:15:09.737