CVE-2023-33974: RIOT-OS vulnerable to Race Condition in SFR Timeout
First published: Tue May 30 2023(Updated: )
RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. In versions 2023.01 and prior, an attacker can send multiple crafted frames to the device to trigger a race condition. The race condition invalidates assumptions about the program state and leads to an invalid memory access resulting in denial of service. This issue is patched in pull request 19679. There are no known workarounds.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Riot-os Riot | <=2023.01 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/RIOT-OS/RIOT/blob/master/sys/net/gnrc/network_layer/sixlowpan/frag/sfr/gnrc_sixlowpan_frag_sfr.c#L404
- https://github.com/RIOT-OS/RIOT/blob/master/sys/net/gnrc/network_layer/sixlowpan/frag/sfr/gnrc_sixlowpan_frag_sfr.c#L1586
- https://github.com/RIOT-OS/RIOT/pull/19679
- https://github.com/RIOT-OS/RIOT/blob/f41b4b67b6affca0a8b32edced7f51088696869a/sys/net/gnrc/network_layer/sixlowpan/frag/sfr/gnrc_sixlowpan_frag_sfr.c#L509
- https://github.com/RIOT-OS/RIOT/commit/31c6191f6196f1a05c9765cffeadba868e3b0723
- https://github.com/RIOT-OS/RIOT/security/advisories/GHSA-8m3w-mphf-wxm8
- https://github.com/RIOT-OS/RIOT/blob/f41b4b67b6affca0a8b32edced7f51088696869a/sys/net/gnrc/network_layer/sixlowpan/frag/sfr/gnrc_sixlowpan_frag_sfr.c#L617
- https://github.com/RIOT-OS/RIOT/blob/f41b4b67b6affca0a8b32edced7f51088696869a/sys/net/gnrc/network_layer/sixlowpan/frag/sfr/gnrc_sixlowpan_frag_sfr.c#L1717
Frequently Asked Questions
What is the severity of CVE-2023-33974?
CVE-2023-33974 has a high severity rating due to its potential for exploitation via a race condition that affects the network stack of RIOT-OS.
How do I fix CVE-2023-33974?
To fix CVE-2023-33974, update RIOT-OS to a version later than 2023.01 that addresses this race condition.
What versions of RIOT-OS are affected by CVE-2023-33974?
CVE-2023-33974 affects all versions of RIOT-OS up to and including 2023.01.
What is the impact of exploiting CVE-2023-33974?
Exploiting CVE-2023-33974 can lead to denial-of-service conditions and potential unauthorized access to IoT devices.
Who is at risk from CVE-2023-33974?
IoT device manufacturers and users utilizing affected versions of RIOT-OS are at risk from CVE-2023-33974.
- collector/nvd-latest
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/severity
- agent/first-publish-date
- agent/event
- agent/description
- agent/tags
- agent/source
- vendor/riot-os
- canonical/riot-os riot
- version/riot-os riot/2023.01