VYPR
Unrated severityNVD Advisory· Published Apr 24, 2023· Updated Feb 4, 2025

RIOT-OS vulnerable to Null Pointer dereference during IPHC encoding

CVE-2023-24822

Description

RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a NULL pointer dereference while encoding a 6LoWPAN IPHC header. The NULL pointer dereference causes a hard fault exception, leading to denial of service. Version 2022.10 fixes this issue. As a workaround, apply the patches manually.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Riot OS/Riotllm-fuzzy2 versions
    <2022.10+ 1 more
    • (no CPE)range: <2022.10
    • (no CPE)range: < 2022.10

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.