Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
RIOT Vulnerable to Multiple Out-of-Bounds Read When Processing Received 6LoWPAN SFR Fragments
Vulnerability Description
RIOT is an open-source microcontroller operating system, designed to match the requirements of Internet of Things (IoT) devices and other embedded devices. In version 2025.10 and prior, multiple out-of-bounds read allow any unauthenticated user, with ability to send or manipulate input packets, to read adjacent memory locations, or crash a vulnerable device running the 6LoWPAN stack. The received packet is cast into a sixlowpan_sfr_rfrag_t struct and dereferenced without validating the packet is large enough to contain the struct object. At time of publication, no known patch exists.
CVSS Information
N/A
Vulnerability Type
跨界内存读
Vulnerability Title
RIOT 缓冲区错误漏洞
Vulnerability Description
RIOT是RIOT开源的一套应用于物联网领域的操作系统。 RIOT 2025.10及之前版本存在缓冲区错误漏洞,该漏洞源于多个越界读取漏洞,可能导致读取相邻内存位置或设备崩溃。
CVSS Information
N/A
Vulnerability Type
N/A