CVE-2023-24819

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-24819
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-24819.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-24819
Aliases
  • GHSA-fv97-2448-gcf6
Published
2023-04-24T14:42:44.016Z
Modified
2026-04-10T04:55:54.188449Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
RIOT-OS vulnerable to Buffer Overflow during IPHC receive
Details

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used to corrupt other packets and the allocator metadata. Corrupting a pointer will easily lead to denial of service. While carefully manipulating the allocator metadata gives an attacker the possibility to write data to arbitrary locations and thus execute arbitrary code. Version 2022.10 fixes this issue. As a workaround, disable support for fragmented IP datagrams or apply the patches manually.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/24xxx/CVE-2023-24819.json",
    "cwe_ids": [
        "CWE-131",
        "CWE-787"
    ],
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/riot-os/riot

Affected ranges

Type
GIT
Repo
https://github.com/riot-os/riot
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
365fbed906226dc36f50b0929e07426acbcc1e7d
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2022.10"
        }
    ]
}

Affected versions

2013.*
2013.08
2014.*
2014.01
2014.05
2014.12
2015.*
2015.09-RC1
2015.12-RC1
2015.12-devel
2016.*
2016.03-devel
2016.04-RC1
2016.07-RC1
2016.07-RC2
2016.07-devel
2016.10-RC1
2016.10-devel
2017.*
2017.01-RC1
2017.01-devel
2017.04-RC1
2017.04-devel
2017.07-RC1
2017.07-devel
2017.10-RC1
2017.10-devel
2018.*
2018.01-RC1
2018.01-devel
2018.04-RC1
2018.04-devel
2018.07-RC1
2018.07-devel
2018.10-RC1
2018.10-devel
2019.*
2019.01-RC1
2019.01-devel
2019.04-RC1
2019.04-devel
2019.07-RC1
2019.07-devel
2019.10-RC1
2019.10-devel
2020.*
2020.01-RC1
2020.01-devel
2020.04-RC1
2020.04-devel
2020.07-RC1
2020.07-devel
2020.10-RC1
2020.10-devel
2021.*
2021.01-RC1
2021.01-devel
2021.04-RC1
2021.04-devel
2021.07-RC1
2021.07-devel
2021.10-RC1
2021.10-devel
2022.*
2022.01-RC1
2022.01-devel
2022.04-RC1
2022.04-devel
2022.07-devel

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-24819.json"