CVE-2020-24335

contiki-ng/contiki-ng
on github
adamdunkels/uip
on github
contiki-os/contiki
on github

Published

Severity

CVSS v3:
7.5 HIGH
CVSS v2:
5 MEDIUM

Description

An issue was discovered in uIP through 1.0, as used in Contiki and Contiki-NG. Domain name parsing lacks bounds checks, allowing an attacker to corrupt memory with crafted DNS packets.

References

Configurations

CPE23Version StartVersion EndExact Version

External Links