CVE-2020-25111
Summary
| CVE | CVE-2020-25111 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2020-12-11 23:15:00 UTC |
|---|
| Updated | 2020-12-15 02:01:00 UTC |
|---|
| Description | An issue was discovered in the IPv6 stack in Contiki through 3.0. There is an insufficient check for the IPv6 header length. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet. |
|---|
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|
| Operating System |
Contiki-os |
Contiki-os |
All |
All |
All |
All |
References
| Reference | Source | Link | Tags |
|---|
| VU#815128 - Embedded TCP/IP stacks have memory corruption vulnerabilities |
MISC |
www.kb.cert.org |
Third Party Advisory, US Government Resource |
| Multiple Embedded TCP/IP Stacks | CISA |
MISC |
us-cert.cisa.gov |
Third Party Advisory, US Government Resource |
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 730155 McAfee Web Gateway Multiple Vulnerabilities(WP-3580, WP-3656, WP-3815, WP-3878, WP-3882, WP-3934,WP-3935, WP-3936, WP-3999)
