Sign-up

ID

VAR-202402-1858


CVE

CVE-2023-48229


TITLE

Contiki-NG  Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2023-027760

DESCRIPTION

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds write exists in the driver for IEEE 802.15.4 radios on nRF platforms in the Contiki-NG operating system. The problem is triggered when parsing radio frames in the `read_frame` function in the `arch/cpu/nrf/net/nrf-ieee-driver-arch.c` module. More specifically, the `read_frame` function performs an incomplete validation of the payload length of the packet, which is a value that can be set by an external party that sends radio packets to a Contiki-NG system. Although the value is validated to be in the range of the MTU length, it is not validated to fit into the given buffer into which the packet will be copied. The problem has been patched in the "develop" branch of Contiki-NG and is expected to be included in subsequent releases. Users are advised to update their develop branch or to update to a subsequent release when available. Users unable to upgrade should consider manually applying the changes in PR #2741. Contiki-NG Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2023-48229 // JVNDB: JVNDB-2023-027760 // VULMON: CVE-2023-48229

AFFECTED PRODUCTS

vendor:contiki ngmodel:contiki-ngscope:lteversion:4.9

Trust: 1.0

vendor:contiki ngmodel:contiki-ngscope: - version: -

Trust: 0.8

vendor:contiki ngmodel:contiki-ngscope:lteversion:4.9 and earlier

Trust: 0.8

vendor:contiki ngmodel:contiki-ngscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2023-027760 // NVD: CVE-2023-48229

CVSS

SEVERITY

CVSSV2

CVSSV3

security-advisories@github.com: CVE-2023-48229
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2023-48229
value: HIGH

Trust: 1.0

NVD: CVE-2023-48229
value: HIGH

Trust: 0.8

security-advisories@github.com: CVE-2023-48229
baseSeverity: HIGH
baseScore: 7.0
vectorString: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 2.2
impactScore: 4.7
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2023-48229
baseSeverity: HIGH
baseScore: 7.6
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 4.7
version: 3.1

Trust: 1.0

NVD: CVE-2023-48229
baseSeverity: HIGH
baseScore: 7.6
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2023-027760 // NVD: CVE-2023-48229 // NVD: CVE-2023-48229

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:Out-of-bounds writing (CWE-787) [NVD evaluation ]

Trust: 0.8

problemtype: Out-of-bounds writing (CWE-787) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2023-027760 // NVD: CVE-2023-48229

EXTERNAL IDS

db:NVDid:CVE-2023-48229

Trust: 2.7

db:JVNDBid:JVNDB-2023-027760

Trust: 0.8

db:VULMONid:CVE-2023-48229

Trust: 0.1

sources: VULMON: CVE-2023-48229 // JVNDB: JVNDB-2023-027760 // NVD: CVE-2023-48229

REFERENCES

url:https://github.com/contiki-ng/contiki-ng/security/advisories/ghsa-rcwv-xwc9-5hp2

Trust: 1.9

url:https://github.com/contiki-ng/contiki-ng/pull/2741

Trust: 1.9

url:https://nvd.nist.gov/vuln/detail/cve-2023-48229

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/787.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: VULMON: CVE-2023-48229 // JVNDB: JVNDB-2023-027760 // NVD: CVE-2023-48229

SOURCES

db:VULMONid:CVE-2023-48229
db:JVNDBid:JVNDB-2023-027760
db:NVDid:CVE-2023-48229

LAST UPDATE DATE

2025-01-08T23:00:11.931000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2023-48229date:2024-02-15T00:00:00
db:JVNDBid:JVNDB-2023-027760date:2025-01-07T06:09:00
db:NVDid:CVE-2023-48229date:2025-01-06T15:28:46.193

SOURCES RELEASE DATE

db:VULMONid:CVE-2023-48229date:2024-02-14T00:00:00
db:JVNDBid:JVNDB-2023-027760date:2025-01-07T00:00:00
db:NVDid:CVE-2023-48229date:2024-02-14T19:15:08.893