CVE-2019-9183
on github
Published
Severity
CVSS v3:
7.5 HIGH
CVSS v2:
5 MEDIUM
Description
An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. A buffer overflow is present due to an integer underflow during 6LoWPAN fragment processing in the face of truncated fragments in os/net/ipv6/sicslowpan.c. This results in accesses of unmapped memory, crashing the application. An attacker can cause a denial-of-service via a crafted 6LoWPAN frame.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:o:contiki-os:contiki:*:*:*:*:*:*:*:* | n/a | 3.0 (including) | * |
cpe:2.3:o:contiki-ng:contiki-ng:*:*:*:*:*:*:*:* | n/a | 4.3 (including) | * |