CVE-2023-30463

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-30463
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-30463.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-30463
Published
2023-04-19T12:15:08.343Z
Modified
2026-04-10T04:57:49.435993Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Altran picoTCP through 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in picoipv6alloc when processing large ICMPv6 packets. This affects installations with Ethernet support in which a packet size greater than 65495 may occur.

References

Affected packages

Git / github.com/tass-belgium/picotcp

Affected ranges

Type
GIT
Repo
https://github.com/tass-belgium/picotcp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
13c00a067190f5ec62340ed932a2bb833c366d63
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.7.0"
        }
    ]
}

Affected versions

V1.*
V1.0
V1.2.4
Other
sprint0
sprint1
sprint2
sprint3
sprint4
sprint5
sprint6
sprint7
sprint8
v1.*
v1.2
v1.2.1
v1.2.2
v1.3.0
v1.5.0
v1.5.1
v1.6.0
v1.6.1
v1.6.2
v1.7.0

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-30463.json"