CVE-2018-16600: FreeRTOS TCP/IP

# Description

eARPProcessPacket doesn’t validate that the received frame is large enough to be an ARP packet.

# Root cause

An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure. 

# Software

## Name

FreeRTOS

## Versions affected

1.3.1 - 10.0.1

# Exploit

https://github.com/Componolit/systematization-binary-vulnerabilities/blob/master/examples/src/vuln_74.c

# Links
- [CVE Entry](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16600)
- [In-depth analysis](https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

CVE-2018-16600: FreeRTOS TCP/IP #74

Description

Root cause

Software

Name

Versions affected

Exploit

Links

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

CVE-2018-16600: FreeRTOS TCP/IP #74

Description

Description

Root cause

Software

Name

Versions affected

Exploit

Links

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions