Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A type confusion issue was discovered in CCN-lite 2, leading to a memory access violation and a failure of the nonce feature (which, for example, helped with loop prevention). ccnl_fwd_handleInterest assumes that the union member s is of type ccnl_pktdetail_ndntlv_s. However, if the type is in fact struct ccnl_pktdetail_ccntlv_s or struct ccnl_pktdetail_iottlv_s, the memory at that point is either uninitialised or points to data that is not a nonce, which renders the code using the local variable nonce pointless. A later nonce check is insufficient.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CCN-lite 安全漏洞
Vulnerability Description
CCN-lite是CCN-lite项目的一个轻量级CCNx(内容中心网络协议)的实现。 CCN-lite 2版本中存在类型混淆漏洞。攻击者可利用该漏洞造成内存访问冲突。
CVSS Information
N/A
Vulnerability Type
N/A