Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by achieving an infinite loop in the code that parses TCP options, aka tcp_parse_options() in pico_tcp.c.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
picoTCP-NG 和 picoTCP 输入验证错误漏洞
Vulnerability Description
Contiki是一套用于IoT(物联网)设备的开源跨平台操作系统。Contiki-NG是一套用于下一代IoT(物联网)设备的开源跨平台操作系统。TCP(Transmission Control Protocol,传输控制协议)是一种面向连接的、可靠的、基于字节流的传输层通信协议,由IETF的RFC 793定义。 picoTCP-NG和picoTCP 存在输入验证错误漏洞,该漏洞源于处理TCP选项的函数不会验证其长度,从而使攻击者可以将具有精心制作的长度值的不常见/不受支持的TCP选项放入无限循环中。
CVSS Information
N/A
Vulnerability Type
N/A