CVE-2022-35926

Summary

CVE	CVE-2022-35926
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2022-08-04 21:15:00 UTC
Updated	2022-08-11 14:14:00 UTC
Description	Contiki-NG is an open-source, cross-platform operating system for IoT devices. Because of insufficient validation of IPv6 neighbor discovery options in Contiki-NG, attackers can send neighbor solicitation packets that trigger an out-of-bounds read. The problem exists in the module os/net/ipv6/uip-nd6.c, where memory read operations from the main packet buffer, <code>uip_buf</code>, are not checked if they go out of bounds. In particular, this problem can occur when attempting to read the 2-byte option header and the Source Link-Layer Address Option (SLLAO). This attack requires ipv6 be enabled for the network. The problem has been patched in the develop branch of Contiki-NG. The upcoming 4.8 release of Contiki-NG will include the patch.Users unable to upgrade may apply the patch in Contiki-NG PR #1654.

Risk And Classification

Problem Types: CWE-125

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Contiki-ng	Contiki-ng	All	All	All	All

References

Reference	Source	Link	Tags
uip-nd6: Check buffer space for ND6 option headers. by nvt · Pull Request #1654 · contiki-ng/contiki-ng · GitHub	MISC	github.com
Release Version 4.8 · contiki-ng/contiki-ng · GitHub	MISC	github.com
Out-of-bounds read in IPv6 neighbor solicitation · Advisory · contiki-ng/contiki-ng · GitHub	CONFIRM	github.com
uip-nd6: Check buffer space for ND6 option headers. by nvt · Pull Request #1654 · contiki-ng/contiki-ng · GitHub	MISC	github.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.