CRITICAL🇬🇧 English

CVE-2021-33304

CVSS 9.8v3.1pub. 2023-02-15upd. 2025-03-20

Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows attackers to execute arbitrary code.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Altran Picotcp

    APP
    Altran
    1.7.0
  • Altran Picotcp Ng

    APP
    Altran
    2.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje

Powiązane podatności

CVE-2020-24341CRITICAL9.1ten sam produkt

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pic...

CVE-2020-24338CRITICAL9.8ten sam produkt

An issue was discovered in picoTCP through 1.7.0. The DNS domain name record decompression functionality in pi...

CVE-2020-17441CRITICAL9.1ten sam produkt

An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether t...

CVE-2017-1000210CRITICAL9.8ten sam produkt

picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial ...

CVE-2023-30463HIGH7.5ten sam produkt

Altran picoTCP through 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer...