CVE-2023-35846

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-35846

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-35846.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-35846

Published

2023-06-19T03:15:09Z

Modified

2025-10-10T04:34:06.371691Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not check the transport layer length in a frame before performing port filtering.

References

https://github.com/virtualsquare/picotcp/commit/d561990a358899178115e156871cc054a1c55ffe

Affected packages

Git / github.com/virtualsquare/picotcp

Affected ranges

Type: GIT
Repo: https://github.com/virtualsquare/picotcp
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

d561990a358899178115e156871cc054a1c55ffe

Affected versions

2.*

2.0.0

V1.*

V1.0

V1.2.4

Other

sprint0

sprint1

sprint2

sprint3

sprint4

sprint5

sprint6

sprint7

sprint8

v1.*

v1.1-rc1

v1.2

v1.2.1

v1.2.2

v1.2.3

v1.3.0

v1.4.0

v1.4.1-dev-customer-sprint1

v1.5.0

v1.5.1

v1.6.0

v1.6.1

v1.6.2

v1.7.0

v2.*

v2.1

Database specific

{
    "vanir_signatures": [
        {
            "id": "CVE-2023-35846-380a6e0e",
            "digest": {
                "length": 803.0,
                "function_hash": "15604502874702612504111479175039028916"
            },
            "source": "https://github.com/virtualsquare/picotcp/commit/d561990a358899178115e156871cc054a1c55ffe",
            "target": {
                "function": "ipfilter",
                "file": "modules/pico_ipfilter.c"
            },
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Function"
        },
        {
            "id": "CVE-2023-35846-cd68b641",
            "digest": {
                "line_hashes": [
                    "232285406632546315363789241261533024495",
                    "248071416619885531072362073670366830268",
                    "256617179242313006427055983467964023110",
                    "213842307385690783473638154939023626648",
                    "285770788318624447220688066452460489083",
                    "163110542380558240445229369479204111",
                    "276597177956886508362739783233940125898",
                    "203136066528707677838631440993583226305",
                    "69438710099917194790702831334998226616",
                    "263416057362065578551281656644685860219",
                    "18438235547931478203702648496708742847",
                    "214312749964043464020660052127994588030",
                    "93646454849211744810170274829586574755",
                    "224104974157288606537487666352805840938"
                ],
                "threshold": 0.9
            },
            "source": "https://github.com/virtualsquare/picotcp/commit/d561990a358899178115e156871cc054a1c55ffe",
            "target": {
                "file": "modules/pico_ipfilter.c"
            },
            "signature_version": "v1",
            "deprecated": false,
            "signature_type": "Line"
        }
    ]
}