Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in picoTCP 1.7.0. The code for creating an ICMPv6 echo replies doesn't check whether the ICMPv6 echo request packet's size is shorter than 8 bytes. If the size of the incoming ICMPv6 request packet is shorter than this, the operation that calculates the size of the ICMPv6 echo replies has an integer wrap around, leading to memory corruption and, eventually, Denial-of-Service in pico_icmp6_send_echoreply_not_frag in pico_icmp6.c.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
picoTCP-NG 和 picoTCP 输入验证错误漏洞
Vulnerability Description
Contiki是一套用于IoT(物联网)设备的开源跨平台操作系统。Contiki-NG是一套用于下一代IoT(物联网)设备的开源跨平台操作系统。 picoTCP-NG 和 picoTCP 存在输入验证错误漏洞,该漏洞源于不检查ICMPv6标头是否至少包含8个字节(由RFC443设置)。这导致函数根据接收到的请求创建ICMPv6回显答复,该请求具有较小的标头以破坏内存。
CVSS Information
N/A
Vulnerability Type
N/A