Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
RIOT-OS vulnerable to Race Condition in SFR Timeout
Vulnerability Description
RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. In versions 2023.01 and prior, an attacker can send multiple crafted frames to the device to trigger a race condition. The race condition invalidates assumptions about the program state and leads to an invalid memory access resulting in denial of service. This issue is patched in pull request 19679. There are no known workarounds.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
使用共享资源的并发执行不恰当同步问题(竞争条件)
Vulnerability Title
RIOT RIOT-OS 竞争条件问题漏洞
Vulnerability Description
RIOT RIOT-OS是一套应用于物联网领域的操作系统。 RIOT RIOT-OS 2023.01及之前版本存在安全漏洞,该漏洞源于触发竞争条件,攻击者利用该漏洞可以进行拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A