First published: Thu Jul 22 2021(Updated: )
A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows attackers to access sensitive information via a crafted ICMPv6 packet.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Lwip Project Lwip |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-22283 is a buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP.
CVE-2020-22283 allows attackers to access sensitive information by sending a crafted ICMPv6 packet.
The affected software is Lwip Project Lwip version git head.
The severity of CVE-2020-22283 is high with a CVSS score of 7.5.
To fix CVE-2020-22283, it is recommended to update to a patched version of Lwip Project Lwip.