RIOT 2019.07 contains a NULL pointer dereference in the MQTT-SN implementation (asymcute), potentially allowing an attacker to crash a network node running RIOT. This requires spoofing an MQTT server response. To do so, the attacker needs to know the MQTT MsgID of a pending MQTT protocol message and the ephemeral port used by RIOT's MQTT implementation. Additionally, the server IP address is required for spoofing the packet.
References
Link | Resource |
---|---|
https://github.com/RIOT-OS/RIOT/pull/12293 | Exploit Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-09-24T17:50:13
Updated: 2019-09-24T17:50:13
Reserved: 2019-09-24T00:00:00
Link: CVE-2019-16754
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-09-24T18:15:11.110
Modified: 2020-02-18T21:29:15.070
Link: CVE-2019-16754
JSON object: View
Redhat Information
No data.
CWE