CVE-2023-23609

Published on: Not Yet Published

Last Modified on: 02/07/2023 07:59:00 PM UTC

CVE-2023-23609 - advisory for GHSA-qr4q-6h3m-h3g7

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

Certain versions of Contiki-ng from Contiki-ng contain the following vulnerability:

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to and including 4.8 are vulnerable to an out-of-bounds write that can occur in the BLE-L2CAP module. The Bluetooth Low Energy - Logical Link Control and Adaptation Layer Protocol (BLE-L2CAP) module handles fragmentation of packets up the configured MTU size. When fragments are reassembled, they are stored in a packet buffer of a configurable size, but there is no check to verify that the packet buffer is large enough to hold the reassembled packet. In Contiki-NG's default configuration, it is possible that an out-of-bounds write of up to 1152 bytes occurs. The vulnerability has been patched in the "develop" branch of Contiki-NG, and will be included in release 4.9. The problem can be fixed by applying the patch in Contiki-NG pull request #2254 prior to the release of version 4.9.

CVE-2023-23609 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.
Affected Vendor/Software: contiki-ng - contiki-ng version = <= 4.8

CVSS3 Score: 7.4 - HIGH

Attack Vector ^ⓘ	Attack Complexity	Privileges Required	User Interaction
ADJACENT_NETWORK	LOW	NONE	NONE
Scope	Confidentiality Impact	Integrity Impact	Availability Impact
CHANGED	NONE	HIGH	NONE

CVE References

Description	Tags ^ⓘ	Link
Improper size validation of L2CAP frames · Advisory · contiki-ng/contiki-ng · GitHub	github.com text/html	MISC github.com/contiki-ng/contiki-ng/security/advisories/GHSA-qr4q-6h3m-h3g7
Check available packetbuf space before writing to it in ble-l2cap by nvt · Pull Request #2254 · contiki-ng/contiki-ng · GitHub	github.com text/html	MISC github.com/contiki-ng/contiki-ng/pull/2254

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

There are currently no QIDs associated with this CVE

Exploit/POC from Github

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to and …

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Contiki-ng	Contiki-ng	All	All	All	All

cpe:2.3:o:contiki-ng:contiki-ng:*:*:*:*:*:*:*:*:

No vendor comments have been submitted for this CVE

Social Mentions

Source	Title	Posted (UTC)
@CVEreport	CVE-2023-23609 : Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Ver… twitter.com/i/web/status/1…	2023-01-26 22:03:46