CVE-2023-29001

Source
https://cve.org/CVERecord?id=CVE-2023-29001
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29001.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-29001
Aliases
  • GHSA-7p75-mf53-ffwm
Published
2024-11-27T18:20:47.360Z
Modified
2026-04-10T04:57:03.353181Z
Severity
  • 8.7 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Summary
Uncontrolled recursion due to insufficient validation of the IPv6 source routing header in Contiki-NG
Details

Contiki-NG is an open-source, cross-platform operating system for IoT devices. The Contiki-NG operating system processes source routing headers (SRH) in its two alternative RPL protocol implementations. The IPv6 implementation uses the results of this processing to determine whether an incoming packet should be forwarded to another host. Because of missing validation of the resulting next-hop address, an uncontrolled recursion may occur in the tcpipipv6output function in the os/net/ipv6/tcpip.c module when receiving a packet with a next-hop address that is a local address. Attackers that have the possibility to send IPv6 packets to the Contiki-NG host can therefore trigger deeply nested recursive calls, which can cause a stack overflow. The vulnerability has not been patched in the current release of Contiki-NG, but is expected to be patched in the next release. The problem can be fixed by applying the patch in Contiki-NG pull request #2264. Users are advised to either apply the patch manually or to wait for the next release. There are no known workarounds for this vulnerability.

Database specific
{
    "cwe_ids": [
        "CWE-674"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/29xxx/CVE-2023-29001.json"
}
References

Affected packages

Git / github.com/contiki-ng/contiki-ng

Affected ranges

Type
GIT
Repo
https://github.com/contiki-ng/contiki-ng
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.9"
        }
    ]
}

Affected versions

2.*
2.0
2.1
2.2
2.2.1
2.2.2
2.2.3
2.3
2.4
2.5-release
2.6
2.6-rc0
develop/v3.*
develop/v3.x-fork
develop/v4.*
develop/v4.0
Other
fork
old/v2.*
old/v2.0
old/v2.1
old/v2.2
old/v2.2.1
old/v2.2.2
old/v2.2.3
old/v2.3
old/v2.4
old/v2.6
release/v4.*
release/v4.0
release/v4.1
release/v4.2
release/v4.3
release/v4.4
release/v4.5
release/v4.6
release/v4.7
release/v4.8
release/v4.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29001.json"