CVE-2021-42147
First published: Wed Jan 24 2024(Updated: )
Buffer over-read vulnerability in the dtls_sha256_update function in Contiki-NG tinyDTLS through master branch 53a0d97 allows remote attackers to cause a denial of service via crafted data packet.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Contiki-NG | =2018-08-30 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-42147?
CVE-2021-42147 is a denial of service vulnerability that can impact the availability of affected systems.
How do I fix CVE-2021-42147?
To mitigate CVE-2021-42147, update to the latest version of Contiki-NG tinyDTLS that addresses this buffer over-read issue.
Which versions of Contiki-NG tinyDTLS are affected by CVE-2021-42147?
CVE-2021-42147 affects the 2018-08-30 version of Contiki-NG tinyDTLS on the master branch.
Can CVE-2021-42147 be exploited remotely?
Yes, CVE-2021-42147 can be exploited by remote attackers through crafted data packets.
What impact does CVE-2021-42147 have on applications?
CVE-2021-42147 can cause a denial of service, potentially crashing applications using the affected library.
- agent/references
- agent/first-publish-date
- agent/description
- agent/type
- agent/author
- agent/event
- agent/severity
- agent/weakness
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/contiki-ng
- canonical/contiki-ng
- version/contiki-ng/2018-08-30