Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

CVE-2023-24822: gnrc_sixlowpan: Various hardening fixes [backport 2022.10] by miri64 · Pull Request #18820 · RIOT-OS/RIOT

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a NULL pointer dereference while encoding a 6LoWPAN IPHC header. The NULL pointer dereference causes a hard fault exception, leading to denial of service. Version 2022.10 fixes this issue. As a workaround, apply the patches manually.

CVE
Open in Source
#dos#buffer_overflow
CVE-2023-30372: Tenda/10.md at main · 2205794866/Tenda

In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability.

CVE-2023-30371: Tenda/4.md at main · 2205794866/Tenda

In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability.

CVE-2023-30375: Tenda/1.md at main · 2205794866/Tenda

In Tenda AC15 V15.03.05.19, the function "getIfIp" contains a stack-based buffer overflow vulnerability.

CVE-2023-30373: Tenda/8.md at main · 2205794866/Tenda

In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability.

CVE-2023-30376: Tenda/9.md at main · 2205794866/Tenda

In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability.

CVE-2023-30378: Tenda/5.md at main · 2205794866/Tenda

In Tenda AC15 V15.03.05.19, the function "sub_8EE8" contains a stack-based buffer overflow vulnerability.

CVE-2023-30370: Tenda/7.md at main · 2205794866/Tenda

In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability.

CVE-2023-30368: Tenda/1.md at main · 2205794866/Tenda

Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWebs function.