Описание
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually causing Denial-of-Service or an information leak.
Ссылки
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 1.7.0 (включая)Версия до 1.7.0 (включая)
Одно из
cpe:2.3:a:altran:picotcp:*:*:*:*:*:*:*:*
cpe:2.3:a:altran:picotcp-ng:*:*:*:*:*:*:*:*
EPSS
Процентиль: 72%
0.00739
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually causing Denial-of-Service or an information leak.
EPSS
Процентиль: 72%
0.00739
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-125