First published: Wed Apr 19 2023
Altran picoTCP through 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets. This affects installations with Ethernet support in which a packet size greater than 65495 may occur.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Altran picoTCP | <=1.7.0 | |
The vulnerability ID for this issue is CVE-2023-30463.
CVE-2023-30463 has a severity rating of 7.5 (high).
CVE-2023-30463 allows memory corruption and subsequent denial of service in Altran picoTCP versions up to 1.7.0.
CVE-2023-30463 is caused by an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets.
To mitigate the impact of CVE-2023-30463, it is recommended to update Altran picoTCP to a version beyond 1.7.0.
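The integer overflow described above, shown as an added example that is not picoTCP's code: an unchecked length computation beside a checked one. It assumes the frame length is carried in a 16-bit field and that the fixed 40-byte IPv6 header is added to the payload size, which is consistent with the 65495 threshold in the advisory (65495 + 40 = 65535); the function names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Assumption (not taken from picoTCP source): the fixed IPv6 header is
 * 40 bytes and the allocator carries the frame length in 16 bits. */
#define IP6_HDR_LEN 40u

/* Unsafe pattern: the sum is truncated to 16 bits, so any payload above
 * 65495 yields a frame length far smaller than the data copied later. */
static uint16_t frame_len_unchecked(uint16_t payload_len)
{
    return (uint16_t)(payload_len + IP6_HDR_LEN);
}

/* Hardened pattern: compare against the headroom before adding.
 * Returns 0 and sets *out on success, -1 if the total cannot fit. */
static int frame_len_checked(uint16_t payload_len, uint16_t *out)
{
    if (out == NULL || payload_len > UINT16_MAX - IP6_HDR_LEN)
        return -1;
    *out = (uint16_t)(payload_len + IP6_HDR_LEN);
    return 0;
}

int main(void)
{
    /* Constructed sample sizes around the boundary named in the advisory. */
    const uint16_t samples[] = { 1280, 65495, 65496, 65535 };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint16_t safe = 0;
        int rc = frame_len_checked(samples[i], &safe);
        printf("payload=%u unchecked=%u checked=%s\n",
               (unsigned)samples[i],
               (unsigned)frame_len_unchecked(samples[i]),
               rc == 0 ? "ok" : "rejected");
    }
    return 0;
}
```

The same guard applies wherever a stack adds header sizes to an attacker-influenced length before allocating: validate against the remaining headroom first, then add.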