Skip to main content

Picotcp CVE-2020-24341

CRITICAL
Out-of-bounds Read (CWE-125)
2020-12-11 cve@mitre.org
9.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.1 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Dec 11, 2020 - 23:15 nvd
CRITICAL 9.1

DescriptionNVD

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually causing Denial-of-Service or an information leak.

AnalysisAI

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Out-of-bounds Read (CWE-125), which allows attackers to read data from memory outside the intended buffer boundaries. An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually causing Denial-of-Service or an information leak. Affected products include: Altran Picotcp, Altran Picotcp-Ng. Version information: through 1.7.0..

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate array indices and buffer lengths. Use memory-safe languages. Enable AddressSanitizer during testing.

CVE-2023-30463 HIGH POC
7.5 Apr 19

Altran picoTCP through 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow

CVE-2017-1000210 CRITICAL
9.8 Nov 17

picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service

CVE-2020-24338 CRITICAL
9.8 Dec 11

An issue was discovered in picoTCP through 1.7.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exp

CVE-2020-17441 CRITICAL
9.1 Dec 11

An issue was discovered in picoTCP 1.7.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable

CVE-2023-35849 HIGH
7.5 Jun 19

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not properly check whether header sizes would result in accessin

CVE-2023-35848 HIGH
7.5 Jun 19

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before attempting to set a value of a

CVE-2023-35847 HIGH
7.5 Jun 19

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not have an MSS lower bound (e.g., it could be zero). Rated high

CVE-2023-35846 HIGH
7.5 Jun 19

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not check the transport layer length in a frame before performin

CVE-2020-24340 HIGH
7.5 Dec 11

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is r

CVE-2020-24339 HIGH
7.5 Dec 11

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is r

CVE-2020-24337 HIGH
7.5 Dec 11

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is r

CVE-2020-17445 HIGH
7.5 Dec 11

An issue was discovered in picoTCP 1.7.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no

Share

CVE-2020-24341 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy