Out-of-bounds write in IEEE 802.15.4 radio driver in Contiki-NG
CVE-2023-48229

7 HIGH

Key Information:

Vendor: contiki-ng
CVE Published: 14 February 2024

What is CVE-2023-48229?

Contiki-NG, a widely used open-source operating system for next-generation IoT devices, contains an out-of-bounds write vulnerability in the driver for IEEE 802.15.4 radios on nRF platforms. The issue arises during packet parsing in the read_frame function: the payload length of incoming radio frames is not fully validated, so an attacker can send malicious packets that cause an out-of-bounds write. The initial validation checks limit the payload to the maximum transmission unit (MTU) length, but they do not ensure that this length fits within the designated buffer, which can lead to memory corruption. Users are strongly advised to upgrade to the latest development branch of Contiki-NG or apply the provided patches to mitigate the risks associated with this vulnerability.
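The class of check described above, as an added example that is not Contiki-NG code: an MTU-only length test beside one that also bounds the copy by the destination buffer. The names `FRAME_MTU`, `len_ok_mtu_only`, `len_ok` and `copy_frame_checked`, the length-prefixed frame layout and the 64-byte buffer are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FRAME_MTU 127u   /* IEEE 802.15.4 aMaxPHYPacketSize */

/* The check the advisory describes: length bounded by the MTU only. */
int len_ok_mtu_only(size_t len) { return len <= FRAME_MTU; }

/* Hardened check: the length must also fit the destination buffer. */
int len_ok(size_t len, size_t dst_size)
{
  return len <= FRAME_MTU && len <= dst_size;
}

/*
 * Copy one received frame into dst. Assumed layout (hypothetical):
 * rx[0] is the payload length, followed by the payload bytes.
 * Returns the number of bytes copied, or -1 if the frame is rejected.
 */
int copy_frame_checked(const uint8_t *rx, size_t rx_len,
                       uint8_t *dst, size_t dst_size)
{
  size_t len;

  if(rx == NULL || dst == NULL || rx_len < 1) return -1;
  len = rx[0];
  if(len > rx_len - 1) return -1;          /* claims more than was received */
  if(!len_ok(len, dst_size)) return -1;    /* would overrun dst */
  memcpy(dst, rx + 1, len);
  return (int)len;
}

int main(void)
{
  uint8_t rx[1 + FRAME_MTU], dst[64];      /* constructed sample input */

  memset(rx, 0xAB, sizeof(rx));
  rx[0] = 100;                             /* within MTU, larger than dst */
  printf("mtu-only check accepts: %d\n", len_ok_mtu_only(rx[0]));
  printf("hardened copy returns:  %d\n", copy_frame_checked(rx, sizeof(rx), dst, sizeof(dst)));
  rx[0] = 20;                              /* fits both bounds */
  printf("hardened copy returns:  %d\n", copy_frame_checked(rx, sizeof(rx), dst, sizeof(dst)));
  return 0;
}
```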

Affected Version(s)

contiki-ng <= 4.9

CVSS V3.1

Score: 7
Severity: HIGH
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
