CVE-2023-30463: Integer Overflow
First published: Wed Apr 19 2023(Updated: )
Altran picoTCP through 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets. This affects installations with Ethernet support in which a packet size greater than 65495 may occur.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Altran picoTCP | <=1.7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-30463.
What is the severity rating of CVE-2023-30463?
CVE-2023-30463 has a severity rating of 7.5 (high).
How does CVE-2023-30463 affect Altran picoTCP?
CVE-2023-30463 allows memory corruption and subsequent denial of service in Altran picoTCP versions up to 1.7.0.
What is the cause of CVE-2023-30463?
CVE-2023-30463 is caused by an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets.
How can I mitigate the impact of CVE-2023-30463?
To mitigate the impact of CVE-2023-30463, it is recommended to update Altran picoTCP to a version beyond 1.7.0.
- collector/nvd-index
- agent/author
- agent/severity
- agent/weakness
- agent/references
- agent/event
- agent/type
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/altran
- canonical/altran picotcp
- version/altran picotcp/1.7.0