CVE-2023-50927 - OpenCVE

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An attacker can trigger out-of-bounds reads in the RPL-Lite implementation of the RPL protocol in the Contiki-NG operating system. This vulnerability is caused by insufficient control of the lengths for DIO and DAO messages, in particular when they contain RPL sub-option headers. The problem has been patched in Contiki-NG 4.9. Users are advised to upgrade. Users unable to upgrade should manually apply the code changes in PR #2484.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://github.com/contiki-ng/contiki-ng/pull/2484
https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-9423-rgj4-wjfw

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-02-14T19:22:05.243Z

Updated: 2024-08-02T22:23:43.859Z

Reserved: 2023-12-15T20:57:23.174Z

Link: CVE-2023-50927

Vulnrichment

Updated: 2024-08-02T22:23:43.859Z

NVD

Status : Awaiting Analysis

Published: 2024-02-14T20:15:45.367

Modified: 2024-02-15T06:23:39.303

Link: CVE-2023-50927

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-50927", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-12-15T20:57:23.174Z", "datePublished": "2024-02-14T19:22:05.243Z", "dateUpdated": "2024-08-02T22:23:43.859Z"}, "containers": {"cna": {"title": "Insufficient boundary checks for DIO and DAO messages in RPL-Lite in Contiki-NG", "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "lang": "en", "description": "CWE-125: Out-of-bounds Read", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-9423-rgj4-wjfw", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-9423-rgj4-wjfw"}, {"name": "https://github.com/contiki-ng/contiki-ng/pull/2484", "tags": ["x_refsource_MISC"], "url": "https://github.com/contiki-ng/contiki-ng/pull/2484"}], "affected": [{"vendor": "contiki-ng", "product": "contiki-ng", "versions": [{"version": "< 4.9", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-02-14T19:22:05.243Z"}, "descriptions": [{"lang": "en", "value": "Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An attacker can trigger out-of-bounds reads in the RPL-Lite implementation of the RPL protocol in the Contiki-NG operating system. This vulnerability is caused by insufficient control of the lengths for DIO and DAO messages, in particular when they contain RPL sub-option headers. The problem has been patched in Contiki-NG 4.9. Users are advised to upgrade. Users unable to upgrade should manually apply the code changes in PR #2484."}], "source": {"advisory": "GHSA-9423-rgj4-wjfw", "discovery": "UNKNOWN"}}, "adp": [{"affected": [{"vendor": "contiki-ng", "product": "contiki-ng", "cpes": ["cpe:2.3:o:contiki-ng:contiki-ng:4.9:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "4.9", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-02-15T16:42:01.347508Z", "id": "CVE-2023-50927", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-29T15:45:17.437Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:23:43.859Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-9423-rgj4-wjfw", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-9423-rgj4-wjfw"}, {"name": "https://github.com/contiki-ng/contiki-ng/pull/2484", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/contiki-ng/contiki-ng/pull/2484"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-9423-rgj4-wjfw", "name": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-9423-rgj4-wjfw", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/contiki-ng/contiki-ng/pull/2484", "name": "https://github.com/contiki-ng/contiki-ng/pull/2484", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:23:43.859Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-50927", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-15T16:42:01.347508Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:contiki-ng:contiki-ng:4.9:*:*:*:*:*:*:*"], "vendor": "contiki-ng", "product": "contiki-ng", "versions": [{"status": "affected", "version": "0", "lessThan": "4.9", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-29T15:45:10.348Z"}}], "cna": {"title": "Insufficient boundary checks for DIO and DAO messages in RPL-Lite in Contiki-NG", "source": {"advisory": "GHSA-9423-rgj4-wjfw", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "contiki-ng", "product": "contiki-ng", "versions": [{"status": "affected", "version": "< 4.9"}]}], "references": [{"url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-9423-rgj4-wjfw", "name": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-9423-rgj4-wjfw", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/contiki-ng/contiki-ng/pull/2484", "name": "https://github.com/contiki-ng/contiki-ng/pull/2484", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An attacker can trigger out-of-bounds reads in the RPL-Lite implementation of the RPL protocol in the Contiki-NG operating system. This vulnerability is caused by insufficient control of the lengths for DIO and DAO messages, in particular when they contain RPL sub-option headers. The problem has been patched in Contiki-NG 4.9. Users are advised to upgrade. Users unable to upgrade should manually apply the code changes in PR #2484."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-02-14T19:22:05.243Z"}}}, "cveMetadata": {"cveId": "CVE-2023-50927", "state": "PUBLISHED", "dateUpdated": "2024-08-02T22:23:43.859Z", "dateReserved": "2023-12-15T20:57:23.174Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-02-14T19:22:05.243Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An attacker can trigger out-of-bounds reads in the RPL-Lite implementation of the RPL protocol in the Contiki-NG operating system. This vulnerability is caused by insufficient control of the lengths for DIO and DAO messages, in particular when they contain RPL sub-option headers. The problem has been patched in Contiki-NG 4.9. Users are advised to upgrade. Users unable to upgrade should manually apply the code changes in PR #2484."}, {"lang": "es", "value": "Contiki-NG es un sistema operativo multiplataforma de c\u00f3digo abierto para dispositivos IoT de pr\u00f3xima generaci\u00f3n. Un atacante puede activar lecturas fuera de los l\u00edmites en la implementaci\u00f3n RPL-Lite del protocolo RPL en el sistema operativo Contiki-NG. Esta vulnerabilidad se debe a un control insuficiente de la longitud de los mensajes DIO y DAO, en particular cuando contienen encabezados de subopciones RPL. El problema ha sido solucionado en Contiki-NG 4.9. Se recomienda a los usuarios que actualicen. Los usuarios que no puedan actualizar deben aplicar manualmente los cambios de c\u00f3digo en PR #2484."}], "id": "CVE-2023-50927", "lastModified": "2024-02-15T06:23:39.303", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2024-02-14T20:15:45.367", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/contiki-ng/contiki-ng/pull/2484"}, {"source": "security-advisories@github.com", "url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-9423-rgj4-wjfw"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "security-advisories@github.com", "type": "Primary"}]}