Описание
Stack-based buffer overflow in the ipv6_addr_from_str function in sys/net/network_layer/ipv6/addr/ipv6_addr_from_str.c in RIOT prior to 2017-04-25 allows local attackers, and potentially remote attackers, to cause a denial of service or possibly have unspecified other impact via a malformed IPv6 address.
Ссылки
- Issue TrackingPatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Issue TrackingPatch
- Issue TrackingPatchThird Party Advisory
- Issue TrackingPatchThird Party Advisory
- Issue TrackingPatch
Уязвимые конфигурации
Конфигурация 1Версия до 2017.01 (включая)
cpe:2.3:a:riot_project:riot:*:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.0061
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Stack-based buffer overflow in the ipv6_addr_from_str function in sys/net/network_layer/ipv6/addr/ipv6_addr_from_str.c in RIOT prior to 2017-04-25 allows local attackers, and potentially remote attackers, to cause a denial of service or possibly have unspecified other impact via a malformed IPv6 address.
EPSS
Процентиль: 69%
0.0061
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-119