An issue was discovered in Contiki through 3.0. When sending an ICMPv6 error message because of invalid extension header options in an incoming IPv6 packet, there is an attempt to remove the RPL extension headers. Because the packet length and the extension header length are unchecked (with respect to the available data) at this stage, and these variables are susceptible to integer underflow, it is possible to construct an invalid extension header that will cause memory corruption issues and lead to a Denial-of-Service condition. This is related to rpl-ext-header.c.
References
Link | Resource |
---|---|
https://github.com/contiki-os/contiki/releases | Release Notes Third Party Advisory |
https://www.kb.cert.org/vuls/id/815128 | Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-03-24T13:52:03
Updated: 2021-03-24T13:52:03
Reserved: 2021-03-13T00:00:00
Link: CVE-2021-28362
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-03-24T14:15:14.173
Modified: 2021-03-26T21:10:44.483
Link: CVE-2021-28362
JSON object: View
Redhat Information
No data.
CWE