A vulnerability, which was classified as critical, has been found in Contiki-NG (version unknown). Affected by this issue is the function 6LoWPAN of the file os/net/ipv6/sicslowpan.c of the component Fragmented Packet Handler. The manipulation with an unknown input leads to a out-of-bounds write vulnerability. Using CWE to declare the problem leads to CWE-787. The product writes data past the end, or before the beginning, of the intended buffer. Impacted is confidentiality, integrity, and availability. CVE summarizes:

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in the Contiki-NG operating system (file os/net/ipv6/sicslowpan.c) contains an input function that processes incoming packets and copies them into a packet buffer. Because of a missing length check in the input function, it is possible to write outside the packet buffer's boundary. The vulnerability can be exploited by anyone who has the possibility to send 6LoWPAN packets to a Contiki-NG system. In particular, the vulnerability is exposed when sending either of two types of 6LoWPAN packets: an unfragmented packet or the first fragment of a fragmented packet. If the packet is sufficiently large, a subsequent memory copy will cause an out-of-bounds write with data supplied by the attacker.

The weakness was shared 09/01/2022 as GHSA-c36p-vhwg-244c. The advisory is shared for download at github.com. This vulnerability is handled as CVE-2022-36054 since 07/15/2022. There are known technical details, but no exploit is available.

Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com.

Productinfo

Name

• Contiki-NG

License

• open-source

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion