漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
FreeRTOS-Plus-TCP Buffer Over-Read in DNS Response Parser
Vulnerability Description
FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the actual domain name length, could cause the parser to read beyond the DNS response buffer. This issue affects applications using DNS functionality of the FreeRTOS-Plus-TCP stack. Applications that do not use DNS functionality are not affected, even when the DNS functionality is enabled. This vulnerability has been patched in version 4.1.1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:H
Vulnerability Type
缓冲区上溢读取
Vulnerability Title
FreeRTOS-Plus-TCP 安全漏洞
Vulnerability Description
FreeRTOS-Plus-TCP是FreeRTOS开源的一种适用于 FreeRTOS 的可扩展的开源和线程安全 TCP/IP 堆栈。 FreeRTOS-Plus-TCP 4.1.1之前版本存在安全漏洞,该漏洞源于DNS 响应解析器中存在缓冲区过度读取。
CVSS Information
N/A
Vulnerability Type
N/A