First published: Fri Dec 11 2020(Updated: )
An issue was discovered in picoTCP 1.7.0. The code for parsing the hop-by-hop IPv6 extension headers does not validate the bounds of the extension header length value, which may result in Integer Wraparound. Therefore, a crafted extension header length value may cause Denial-of-Service because it affects the loop in which the extension headers are parsed in pico_ipv6_process_hopbyhop() in pico_ipv6.c.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Altran picoTCP | <=1.7.0 | |
Multiple (open source) picoTCP-NG, Version 1.7.0 and prior | ||
Multiple (open source) picoTCP (EOL), Version 1.7.0 and prior | ||
Multiple (open source) FNET, Version 4.6.3 | ||
Multiple (open source) Nut/Net, Version 5.1 and prior |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2020-17442.
The severity of CVE-2020-17442 is high with a CVSS score of 7.5.
The affected software for CVE-2020-17442 is picoTCP version 1.7.0.
The CWE ID for this vulnerability is CWE-190.
This vulnerability can be exploited by crafting a malicious extension header length value, which may cause a Denial-of-Service attack.