An issue was discovered in uIP through 1.0, as used in Contiki and Contiki-NG. Domain name parsing lacks bounds checks, allowing an attacker to corrupt memory with crafted DNS packets.
References
Link | Resource |
---|---|
https://github.com/adamdunkels/uip | Product Third Party Advisory |
https://github.com/contiki-ng/contiki-ng | Product Third Party Advisory |
https://github.com/contiki-os/contiki | Product Third Party Advisory |
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01 | Third Party Advisory US Government Resource |
https://www.kb.cert.org/vuls/id/815128 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-02-02T06:13:37
Updated: 2021-02-02T06:13:37
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-24335
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-02-02T07:15:13.833
Modified: 2021-02-04T21:24:33.727
Link: CVE-2020-24335
JSON object: View
Redhat Information
No data.
CWE