CVE-2023-31129
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-31129
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-31129.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-31129
- Aliases
-
- GHSA-x29r-5qjg-75mq
- Published
- 2023-05-08T20:51:14Z
- Modified
- 2025-11-04T20:12:51.843756Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
- Summary
- Contiki-NG missing NULL pointer check in IPv6 neighbor discovery
- Details
-
The Contiki-NG operating system versions 4.8 and prior can be triggered to dereference a NULL pointer in the message handling code for IPv6 router solicitiations. Contiki-NG contains an implementation of IPv6 Neighbor Discovery (ND) in the module
os/net/ipv6/uip-nd6.c. The ND protocol includes a message type called Router Solicitation (RS), which is used to locate routers and update their address information via the SLLAO (Source Link-Layer Address Option). If the indicated source address changes, a given neighbor entry is set to the STALE state.The message handler does not check for RS messages with an SLLAO that indicates a link-layer address change that a neighbor entry can actually be created for the indicated address. The resulting pointer is used without a check, leading to the dereference of a NULL pointer of type
uip_ds6_nbr_t.The problem has been patched in the
developbranch of Contiki-NG, and will be included in the upcoming 4.9 release. As a workaround, users can apply Contiki-NG pull request #2271 to patch the problem directly. - Database specific
{ "cwe_ids": [ "CWE-476" ] }- References