Published on: Not Yet Published
Last Modified on: 02/07/2023 07:59:00 PM UTC
Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to and including 4.8 are vulnerable to an out-of-bounds write that can occur in the BLE-L2CAP module. The Bluetooth Low Energy - Logical Link Control and Adaptation Layer Protocol (BLE-L2CAP) module handles fragmentation of packets up to the configured MTU size. When fragments are reassembled, they are stored in a packet buffer of a configurable size, but there is no check to verify that the packet buffer is large enough to hold the reassembled packet. In Contiki-NG's default configuration, an out-of-bounds write of up to 1152 bytes can occur. The vulnerability has been patched in the "develop" branch of Contiki-NG, and the fix will be included in release 4.9. Prior to the release of version 4.9, the problem can be fixed by applying the patch in Contiki-NG pull request #2254.
- CVE-2023-23609 has been assigned by security-adviso[email protected] to track the vulnerability - currently rated as HIGH severity.
- Affected Vendor/Software: contiki-ng - contiki-ng version <= 4.8
CVSS3 Score: 7.4 - HIGH
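
The missing check described in the advisory text above, sketched as a bounds-checked fragment reassembly routine. This is an added example, not Contiki-NG's code or the patch from pull request #2254; the `reasm_*` names, the 128-byte buffer and the 2-byte length prefix on the first fragment are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REASM_BUF_SIZE 128 /* hypothetical stand-in for the configured packet buffer size */

enum reasm_status { REASM_MORE, REASM_DONE, REASM_DROP };

struct reasm {
  uint8_t buf[REASM_BUF_SIZE];
  size_t sdu_len; /* total length announced by the first fragment */
  size_t cur_len; /* bytes stored so far; invariant: cur_len <= sdu_len <= sizeof(buf) */
};

/* First fragment: 2-byte little-endian total length, then payload (assumed framing). */
enum reasm_status reasm_first(struct reasm *r, const uint8_t *frag, size_t len)
{
  r->sdu_len = r->cur_len = 0;
  if(len < 2) return REASM_DROP;
  size_t sdu_len = (size_t)frag[0] | ((size_t)frag[1] << 8);
  size_t payload = len - 2;
  /* The announced length is peer-controlled: reject it before any copy. */
  if(sdu_len > sizeof(r->buf) || payload > sdu_len) return REASM_DROP;
  memcpy(r->buf, frag + 2, payload);
  r->sdu_len = sdu_len;
  r->cur_len = payload;
  return r->cur_len == r->sdu_len ? REASM_DONE : REASM_MORE;
}

/* Continuation fragment: must fit in what is left of the announced length. */
enum reasm_status reasm_next(struct reasm *r, const uint8_t *frag, size_t len)
{
  if(r->cur_len >= r->sdu_len || len > r->sdu_len - r->cur_len) {
    r->sdu_len = r->cur_len = 0; /* abort the reassembly, nothing is written */
    return REASM_DROP;
  }
  memcpy(r->buf + r->cur_len, frag, len);
  r->cur_len += len;
  return r->cur_len == r->sdu_len ? REASM_DONE : REASM_MORE;
}

int main(void)
{
  struct reasm r;
  const uint8_t oversized[] = { 0x00, 0x05, 'x' }; /* constructed: announces 1280 bytes */
  printf("oversized first fragment: %s\n",
         reasm_first(&r, oversized, sizeof(oversized)) == REASM_DROP ? "dropped" : "accepted");
  return 0;
}
```

Both checks are needed: the first rejects a total length larger than the buffer, the second rejects continuation fragments that together exceed the length the first fragment announced.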
- Improper size validation of L2CAP frames · Advisory · contiki-ng/contiki-ng · GitHub (github.com)
- Check available packetbuf space before writing to it in ble-l2cap by nvt · Pull Request #2254 · contiki-ng/contiki-ng · GitHub (github.com)