CVE-2021-32771 - OpenCVE

Contiki-NG is an open-source, cross-platform operating system for IoT devices. In affected versions it is possible to cause a buffer overflow when copying an IPv6 address prefix in the RPL-Classic implementation in Contiki-NG. In order to trigger the vulnerability, the Contiki-NG system must have joined an RPL DODAG. After that, an attacker can send a DAO packet with a Target option that contains a prefix length larger than 128 bits. The problem was fixed after the release of Contiki-NG 4.7. Users unable to upgrade may apply the patch in Contiki-NG PR #1615.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Contiki-ng	Contiki-ng

Configuration 1 [-]

cpe:2.3:o:contiki-ng:contiki-ng:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/contiki-ng/contiki-ng/pull/1615
https://github.com/contiki-ng/contiki-ng/pull/1615/commits/587ae59956e00316fd44fd7072ac3a6a07b4b20f
https://github.com/contiki-ng/contiki-ng/releases/tag/release%2Fv4.8
https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-jqjf-v7v9-xp6w

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-08-04T20:25:16

Updated: 2024-08-03T23:33:55.883Z

Reserved: 2021-05-12T00:00:00

Link: CVE-2021-32771

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-08-04T21:15:07.907

Modified: 2022-08-10T18:08:13.533

Link: CVE-2021-32771

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "contiki-ng", "vendor": "contiki-ng", "versions": [{"status": "affected", "version": "< 4.8"}]}], "descriptions": [{"lang": "en", "value": "Contiki-NG is an open-source, cross-platform operating system for IoT devices. In affected versions it is possible to cause a buffer overflow when copying an IPv6 address prefix in the RPL-Classic implementation in Contiki-NG. In order to trigger the vulnerability, the Contiki-NG system must have joined an RPL DODAG. After that, an attacker can send a DAO packet with a Target option that contains a prefix length larger than 128 bits. The problem was fixed after the release of Contiki-NG 4.7. Users unable to upgrade may apply the patch in Contiki-NG PR #1615."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-04T20:25:16", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-jqjf-v7v9-xp6w"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/contiki-ng/contiki-ng/pull/1615"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/contiki-ng/contiki-ng/pull/1615/commits/587ae59956e00316fd44fd7072ac3a6a07b4b20f"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/contiki-ng/contiki-ng/releases/tag/release%2Fv4.8"}], "source": {"advisory": "GHSA-jqjf-v7v9-xp6w", "discovery": "UNKNOWN"}, "title": "Buffer overflow in contiki-ng", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-32771", "STATE": "PUBLIC", "TITLE": "Buffer overflow in contiki-ng"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "contiki-ng", "version": {"version_data": [{"version_value": "< 4.8"}]}}]}, "vendor_name": "contiki-ng"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Contiki-NG is an open-source, cross-platform operating system for IoT devices. In affected versions it is possible to cause a buffer overflow when copying an IPv6 address prefix in the RPL-Classic implementation in Contiki-NG. In order to trigger the vulnerability, the Contiki-NG system must have joined an RPL DODAG. After that, an attacker can send a DAO packet with a Target option that contains a prefix length larger than 128 bits. The problem was fixed after the release of Contiki-NG 4.7. Users unable to upgrade may apply the patch in Contiki-NG PR #1615."}]}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-jqjf-v7v9-xp6w", "refsource": "CONFIRM", "url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-jqjf-v7v9-xp6w"}, {"name": "https://github.com/contiki-ng/contiki-ng/pull/1615", "refsource": "MISC", "url": "https://github.com/contiki-ng/contiki-ng/pull/1615"}, {"name": "https://github.com/contiki-ng/contiki-ng/pull/1615/commits/587ae59956e00316fd44fd7072ac3a6a07b4b20f", "refsource": "MISC", "url": "https://github.com/contiki-ng/contiki-ng/pull/1615/commits/587ae59956e00316fd44fd7072ac3a6a07b4b20f"}, {"name": "https://github.com/contiki-ng/contiki-ng/releases/tag/release%2Fv4.8", "refsource": "MISC", "url": "https://github.com/contiki-ng/contiki-ng/releases/tag/release%2Fv4.8"}]}, "source": {"advisory": "GHSA-jqjf-v7v9-xp6w", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:33:55.883Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-jqjf-v7v9-xp6w"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/contiki-ng/contiki-ng/pull/1615"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/contiki-ng/contiki-ng/pull/1615/commits/587ae59956e00316fd44fd7072ac3a6a07b4b20f"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/contiki-ng/contiki-ng/releases/tag/release%2Fv4.8"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-32771", "datePublished": "2022-08-04T20:25:16", "dateReserved": "2021-05-12T00:00:00", "dateUpdated": "2024-08-03T23:33:55.883Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:contiki-ng:contiki-ng:*:*:*:*:*:*:*:*", "matchCriteriaId": "8753C87C-46B4-467B-9598-30E562D5CB38", "versionEndExcluding": "4.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Contiki-NG is an open-source, cross-platform operating system for IoT devices. In affected versions it is possible to cause a buffer overflow when copying an IPv6 address prefix in the RPL-Classic implementation in Contiki-NG. In order to trigger the vulnerability, the Contiki-NG system must have joined an RPL DODAG. After that, an attacker can send a DAO packet with a Target option that contains a prefix length larger than 128 bits. The problem was fixed after the release of Contiki-NG 4.7. Users unable to upgrade may apply the patch in Contiki-NG PR #1615."}, {"lang": "es", "value": "Contiki-NG es un sistema operativo de c\u00f3digo abierto y multiplataforma para dispositivos IoT. En las versiones afectadas es posible causar un desbordamiento de b\u00fafer cuando es copiado un prefijo de direcci\u00f3n IPv6 en la implementaci\u00f3n RPL-Classic en Contiki-NG. Para desencadenar la vulnerabilidad, el sistema Contiki-NG debe haberse unido a un DODAG RPL. Despu\u00e9s, un atacante puede enviar un paquete DAO con una opci\u00f3n Target que contenga una longitud de prefijo superior a 128 bits. El problema ha sido solucionado tras el lanzamiento de Contiki-NG versi\u00f3n 4.7. Los usuarios que no puedan actualizar pueden aplicar el parche en Contiki-NG PR #1615"}], "id": "CVE-2021-32771", "lastModified": "2022-08-10T18:08:13.533", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-08-04T21:15:07.907", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/contiki-ng/contiki-ng/pull/1615"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/contiki-ng/contiki-ng/pull/1615/commits/587ae59956e00316fd44fd7072ac3a6a07b4b20f"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/contiki-ng/contiki-ng/releases/tag/release%2Fv4.8"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-jqjf-v7v9-xp6w"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}], "source": "security-advisories@github.com", "type": "Primary"}]}