CWE
125
Advisory Published
Updated

CVE-2023-37459: Out-of-bounds read when processing a received IPv6 packet

First published: Fri Sep 15 2023(Updated: )

Contiki-NG is an operating system for internet-of-things devices. In versions 4.9 and prior, when a packet is received, the Contiki-NG network stack attempts to start the periodic TCP timer if it is a TCP packet with the SYN flag set. But the implementation does not first verify that a full TCP header has been received. Specifically, the implementation attempts to access the flags field from the TCP buffer in the following conditional expression in the `check_for_tcp_syn` function. For this reason, an attacker can inject a truncated TCP packet, which will lead to an out-of-bound read from the packet buffer. As of time of publication, a patched version is not available. As a workaround, one can apply the changes in Contiki-NG pull request #2510 to patch the system.

Credit: security-advisories@github.com security-advisories@github.com

Affected SoftwareAffected VersionHow to fix
Contiki-ng Contiki-ng<=4.9

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2023-37459?

    CVE-2023-37459 is a vulnerability in the Contiki-NG operating system for internet-of-things devices, where the implementation does not verify a full TCP header before starting the periodic TCP timer for TCP packets with the SYN flag set.

  • What is the severity of CVE-2023-37459?

    The severity of CVE-2023-37459 is medium with a CVSS score of 5.3.

  • How does CVE-2023-37459 affect Contiki-NG?

    CVE-2023-37459 affects Contiki-NG versions 4.9 and prior.

  • How can I fix CVE-2023-37459?

    To fix CVE-2023-37459, update to a version of Contiki-NG that is newer than 4.9.

  • What is CWE-125?

    CWE-125 is a Common Weakness Enumeration category for out-of-bounds read, which is the underlying weakness associated with CVE-2023-37459.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203