Riot
by Riot OS
Source repositories
CVEs (38)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-24821 | 0.00 | — | 0.01 | Apr 24, 2023 | RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a large out of bounds write beyond the packet… | |||
| CVE-2023-24820 | 0.00 | — | 0.01 | Apr 24, 2023 | RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device resulting in a large out of bounds write beyond the packet buffer. The write will create… | |||
| CVE-2023-24819 | 0.00 | — | 0.01 | Apr 24, 2023 | RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The… | |||
| CVE-2023-24818 | 0.00 | — | 0.01 | Apr 24, 2023 | RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a NULL pointer dereference. During forwarding of… | |||
| CVE-2021-27427 | 0.00 | — | 0.02 | May 3, 2022 | RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of calloc function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. | |||
| CVE-2021-41061 | 0.00 | — | 0.00 | Sep 15, 2021 | In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee820154_security component allows attackers to break encryption by triggering reboots. | |||
| CVE-2021-31660 | 0.00 | — | 0.01 | Jun 18, 2021 | RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information. | |||
| CVE-2021-31662 | 0.00 | — | 0.01 | Jun 18, 2021 | RIOT-OS 2021.01 before commit 07f1254d8537497552e7dce80364aaead9266bbe contains a buffer overflow which could allow attackers to obtain sensitive information. | |||
| CVE-2021-31663 | 0.00 | — | 0.02 | Jun 18, 2021 | RIOT-OS 2021.01 before commit bc59d60be60dfc0a05def57d74985371e4f22d79 contains a buffer overflow which could allow attackers to obtain sensitive information. | |||
| CVE-2021-31664 | 0.00 | — | 0.01 | Jun 18, 2021 | RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information. | |||
| CVE-2021-27698 | 0.00 | — | 0.01 | Apr 6, 2021 | RIOT-OS 2021.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c through the _parse_options() function. | |||
| CVE-2021-27697 | 0.00 | — | 0.01 | Apr 6, 2021 | RIOT-OS 2021.01 contains a buffer overflow vulnerability in sys/net/gnrc/routing/rpl/gnrc_rpl_validation.c through the gnrc_rpl_validation_options() function. | |||
| CVE-2021-27357 | 0.00 | — | 0.01 | Apr 6, 2021 | RIOT-OS 2020.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c. | |||
| CVE-2020-15350 | 0.00 | — | 0.01 | Jul 7, 2020 | RIOT 2020.04 has a buffer overflow in the base64 decoder. The decoding function base64_decode() uses an output buffer estimation function to compute the required buffer capacity and validate against the provided buffer size. The base64_estimate_decode_size() function calculates… | |||
| CVE-2019-17389 | 0.00 | — | 0.01 | Oct 9, 2019 | In RIOT 2019.07, the MQTT-SN implementation (asymcute) mishandles errors occurring during a read operation on a UDP socket. The receive loop ends. This allows an attacker (via a large packet) to prevent a RIOT MQTT-SN client from working until the device is restarted. | |||
| CVE-2019-16754 | 0.00 | — | 0.01 | Sep 24, 2019 | RIOT 2019.07 contains a NULL pointer dereference in the MQTT-SN implementation (asymcute), potentially allowing an attacker to crash a network node running RIOT. This requires spoofing an MQTT server response. To do so, the attacker needs to know the MQTT MsgID of a pending MQTT… | |||
| CVE-2019-15702 | 0.00 | — | 0.01 | Aug 27, 2019 | In the TCP implementation (gnrc_tcp) in RIOT through 2019.07, the parser for TCP options does not terminate on all inputs, allowing a denial-of-service, because sys/net/gnrc/transport_layer/tcp/gnrc_tcp_option.c has an infinite loop for an unknown zero-length option. | |||
| CVE-2019-1000006 | 0.00 | — | 0.02 | Feb 4, 2019 | RIOT RIOT-OS version after commit 7af03ab624db0412c727eed9ab7630a5282e2fd3 contains a Buffer Overflow vulnerability in sock_dns, an implementation of the DNS protocol utilizing the RIOT sock API that can result in Remote code executing. This attack appears to be exploitable via… |
- CVE-2023-24821Apr 24, 2023risk 0.00cvss —epss 0.01
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a large out of bounds write beyond the packet…
- CVE-2023-24820Apr 24, 2023risk 0.00cvss —epss 0.01
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device resulting in a large out of bounds write beyond the packet buffer. The write will create…
- CVE-2023-24819Apr 24, 2023risk 0.00cvss —epss 0.01
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The…
- CVE-2023-24818Apr 24, 2023risk 0.00cvss —epss 0.01
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a NULL pointer dereference. During forwarding of…
- CVE-2021-27427May 3, 2022risk 0.00cvss —epss 0.02
RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of calloc function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.
- CVE-2021-41061Sep 15, 2021risk 0.00cvss —epss 0.00
In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee820154_security component allows attackers to break encryption by triggering reboots.
- CVE-2021-31660Jun 18, 2021risk 0.00cvss —epss 0.01
RIOT-OS 2021.01 before commit 85da504d2dc30188b89f44c3276fc5a25b31251f contains a buffer overflow which could allow attackers to obtain sensitive information.
- CVE-2021-31662Jun 18, 2021risk 0.00cvss —epss 0.01
RIOT-OS 2021.01 before commit 07f1254d8537497552e7dce80364aaead9266bbe contains a buffer overflow which could allow attackers to obtain sensitive information.
- CVE-2021-31663Jun 18, 2021risk 0.00cvss —epss 0.02
RIOT-OS 2021.01 before commit bc59d60be60dfc0a05def57d74985371e4f22d79 contains a buffer overflow which could allow attackers to obtain sensitive information.
- CVE-2021-31664Jun 18, 2021risk 0.00cvss —epss 0.01
RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.
- CVE-2021-27698Apr 6, 2021risk 0.00cvss —epss 0.01
RIOT-OS 2021.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c through the _parse_options() function.
- CVE-2021-27697Apr 6, 2021risk 0.00cvss —epss 0.01
RIOT-OS 2021.01 contains a buffer overflow vulnerability in sys/net/gnrc/routing/rpl/gnrc_rpl_validation.c through the gnrc_rpl_validation_options() function.
- CVE-2021-27357Apr 6, 2021risk 0.00cvss —epss 0.01
RIOT-OS 2020.01 contains a buffer overflow vulnerability in /sys/net/gnrc/routing/rpl/gnrc_rpl_control_messages.c.
- CVE-2020-15350Jul 7, 2020risk 0.00cvss —epss 0.01
RIOT 2020.04 has a buffer overflow in the base64 decoder. The decoding function base64_decode() uses an output buffer estimation function to compute the required buffer capacity and validate against the provided buffer size. The base64_estimate_decode_size() function calculates…
- CVE-2019-17389Oct 9, 2019risk 0.00cvss —epss 0.01
In RIOT 2019.07, the MQTT-SN implementation (asymcute) mishandles errors occurring during a read operation on a UDP socket. The receive loop ends. This allows an attacker (via a large packet) to prevent a RIOT MQTT-SN client from working until the device is restarted.
- CVE-2019-16754Sep 24, 2019risk 0.00cvss —epss 0.01
RIOT 2019.07 contains a NULL pointer dereference in the MQTT-SN implementation (asymcute), potentially allowing an attacker to crash a network node running RIOT. This requires spoofing an MQTT server response. To do so, the attacker needs to know the MQTT MsgID of a pending MQTT…
- CVE-2019-15702Aug 27, 2019risk 0.00cvss —epss 0.01
In the TCP implementation (gnrc_tcp) in RIOT through 2019.07, the parser for TCP options does not terminate on all inputs, allowing a denial-of-service, because sys/net/gnrc/transport_layer/tcp/gnrc_tcp_option.c has an infinite loop for an unknown zero-length option.
- CVE-2019-1000006Feb 4, 2019risk 0.00cvss —epss 0.02
RIOT RIOT-OS version after commit 7af03ab624db0412c727eed9ab7630a5282e2fd3 contains a Buffer Overflow vulnerability in sock_dns, an implementation of the DNS protocol utilizing the RIOT sock API that can result in Remote code executing. This attack appears to be exploitable via…
Page 2 of 2