Home

CVE-2020-13988

Description

An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.192

Associated Vulnerability

VulnerabilityOS Platform
SUSE-SU-2021:0663-1(SUSE Linux Enterprise Server 12-SP5 ) iscsiuio-0.7.8.2-12.27.2.x86_64.rpmLinux
SUSE-SU-2021:0663-1(SUSE Linux Enterprise Server 12-SP5 ) iscsiuio-debuginfo-0.7.8.2-12.27.2.x86_64.rpmLinux
SUSE-SU-2021:0663-1(SUSE Linux Enterprise Server 12-SP5 ) libopeniscsiusr0_2_0-2.0.876-12.27.2.x86_64.rpmLinux
SUSE-SU-2021:0663-1(SUSE Linux Enterprise Server 12-SP5 ) libopeniscsiusr0_2_0-debuginfo-2.0.876-12.27.2.x86_64.rpmLinux
SUSE-SU-2021:0663-1(SUSE Linux Enterprise Server 12-SP5 ) open-iscsi-2.0.876-12.27.2.x86_64.rpmLinux
SUSE-SU-2021:0663-1(SUSE Linux Enterprise Server 12-SP5 ) open-iscsi-debuginfo-2.0.876-12.27.2.x86_64.rpmLinux
SUSE-SU-2021:0663-1(SUSE Linux Enterprise Server 12-SP5 ) open-iscsi-debugsource-2.0.876-12.27.2.x86_64.rpmLinux
Open Source iSCSI implementation (USN-6259-1) open-iscsi_2.0.874-7.1ubuntu6.4_amd64.debLinux
Open Source iSCSI implementation (USN-6259-1) open-iscsi_2.0.874-5ubuntu2.11_i386.debLinux
Open Source iSCSI implementation (USN-6259-1) open-iscsi_2.0.874-5ubuntu2.11_amd64.debLinux
Open Source iSCSI implementation (USN-6259-1) open-iscsi_2.0.873+git0.3b4b4500-14ubuntu3.4_i386.debLinux
Open Source iSCSI implementation (USN-6259-1) open-iscsi_2.0.873+git0.3b4b4500-14ubuntu3.4_amd64.debLinux
SUSE-SU-2021:1164-1(SUSE Linux Enterprise Module for Legacy Software 15-SP3 ) open-iscsi-debuginfo-2.0.876-13.42.1.x86_64.rpmLinux
SUSE-SU-2021:1164-1(SUSE Linux Enterprise Module for Legacy Software 15-SP3 ) open-iscsi-debugsource-2.0.876-13.42.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234