Buffer Overflow Vulnerability in RIOT-OS by RIOT-OS Foundation
CVE-2021-27357

9.8CRITICAL

Key Information:

Vendor: Riot-os
Status: Riot
Vendor: CVE Published:; 6 April 2021

What is CVE-2021-27357?

The RIOT-OS 2020.01 release contains a buffer overflow vulnerability located in the routing module's handling of control messages. This flaw can allow an attacker to exploit the system by sending specially crafted packets, which may lead to data corruption, service disruption, or unauthorized access. It's crucial for users of RIOT-OS to apply patches and follow security best practices to mitigate potential risks associated with this vulnerability.

References

https://github.com/RIOT-OS/RIOT/issues/16018

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 6, 2021
Vulnerability Reserved
Feb 16, 2021

Riot-os

What is CVE-2021-27357?

References

CVSS V3.1

Timeline