ID
VAR-202309-2067
CVE
CVE-2023-37459
DESCRIPTION
Contiki-NG is an operating system for internet-of-things devices. In versions 4.9 and prior, when a packet is received, the Contiki-NG network stack attempts to start the periodic TCP timer if it is a TCP packet with the SYN flag set. But the implementation does not first verify that a full TCP header has been received. Specifically, the implementation attempts to access the flags field from the TCP buffer in the following conditional expression in the `check_for_tcp_syn` function. For this reason, an attacker can inject a truncated TCP packet, which will lead to an out-of-bound read from the packet buffer. As of time of publication, a patched version is not available. As a workaround, one can apply the changes in Contiki-NG pull request #2510 to patch the system.
Trust: 1.0
AFFECTED PRODUCTS
| vendor: | contiki ng | model: | contiki-ng | scope: | lte | version: | 4.9 | Trust: 1.0 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-125 | Trust: 1.0 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2023-37459 | Trust: 1.0 |
REFERENCES
| url: | https://github.com/contiki-ng/contiki-ng/pull/2510 | Trust: 1.0 |
| url: | https://github.com/contiki-ng/contiki-ng/security/advisories/ghsa-6648-m23r-hq8c | Trust: 1.0 |
SOURCES
| db: | NVD | id: | CVE-2023-37459 |
LAST UPDATE DATE
2024-08-14T14:16:58.165000+00:00
SOURCES UPDATE DATE
| db: | NVD | id: | CVE-2023-37459 | date: | 2023-09-19T15:14:43.653 |
SOURCES RELEASE DATE
| db: | NVD | id: | CVE-2023-37459 | date: | 2023-09-15T20:15:08.650 |