Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name CVE-2023-24817 First vendor Publication 2023-05-30
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Overall CVSS Score 7.5
Base Score 7.5 Environmental Score 7.5
impact SubScore 3.6 Temporal Score 7.5
Exploitabality Sub Score 3.9
 
Attack Vector Network Attack Complexity Low
Privileges Required None User Interaction None
Scope Unchanged Confidentiality Impact None
Integrity Impact None Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device resulting in an integer underflow and out of bounds access in the packet buffer. Triggering the access at the right time will corrupt other packets or the allocator metadata. Corrupting a pointer will lead to denial of service. This issue is fixed in version 2023.04. As a workaround, disable SRH in the network stack.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24817

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-787 Out-of-bounds Write (CWE/SANS Top 25)
50 % CWE-191 Integer Underflow (Wrap or Wraparound)

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 5

Sources (Detail)

https://github.com/RIOT-OS/RIOT/commit/34dc1757f5621be48e226cfebb2f4c63505b5360
https://github.com/RIOT-OS/RIOT/security/advisories/GHSA-xjgw-7638-29g5
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
Date Informations
2025-07-15 02:15:36
  • Multiple Updates
2025-07-14 12:25:36
  • Multiple Updates
2025-06-26 02:13:48
  • Multiple Updates
2025-06-25 12:24:31
  • Multiple Updates
2025-03-29 03:18:33
  • Multiple Updates
2025-03-28 13:36:29
  • Multiple Updates
2024-11-28 14:22:23
  • Multiple Updates
2024-08-02 13:46:09
  • Multiple Updates
2024-08-02 01:32:22
  • Multiple Updates
2024-02-02 02:43:28
  • Multiple Updates
2024-02-01 12:29:27
  • Multiple Updates
2023-09-05 13:39:03
  • Multiple Updates
2023-09-05 01:28:43
  • Multiple Updates
2023-09-02 13:37:18
  • Multiple Updates
2023-09-02 01:29:12
  • Multiple Updates
2023-08-12 13:42:46
  • Multiple Updates
2023-08-12 01:28:26
  • Multiple Updates
2023-08-11 13:33:56
  • Multiple Updates
2023-08-11 01:29:18
  • Multiple Updates
2023-08-06 13:31:18
  • Multiple Updates
2023-08-06 01:28:04
  • Multiple Updates
2023-08-04 13:31:46
  • Multiple Updates
2023-08-04 01:28:27
  • Multiple Updates
2023-07-14 13:31:34
  • Multiple Updates
2023-07-14 01:28:05
  • Multiple Updates
2023-06-08 00:27:27
  • Multiple Updates
2023-05-30 21:26:40
  • First insertion