← Back

Picotcp Ng

picotcp-ng

Vendor: Altran • 5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-33304
1Altran
2Picotcp
Picotcp Ng
Mar 20, 2025
Feb 15, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows attackers to execute arbitrary code.
CVE-2020-24341
1Altran
2Picotcp
Picotcp Ng
Nov 21, 2024
Dec 11, 2020
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assemb...Show more
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually causing Denial-of-Service or an information leak.Show less
CVE-2020-24340
1Altran
2Picotcp
Picotcp Ng
Nov 21, 2024
Dec 11, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The code that processes DNS responses in pico_mdns_handle_data_as_answers_generic() in pico_mdns.c does not check whether the number of answers/responses s...Show more
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The code that processes DNS responses in pico_mdns_handle_data_as_answers_generic() in pico_mdns.c does not check whether the number of answers/responses specified in a DNS packet header corresponds to the response data available in the packet, leading to an out-of-bounds read, invalid pointer dereference, and Denial-of-Service.Show less
CVE-2020-24339
1Altran
2Picotcp
Picotcp Ng
Nov 21, 2024
Dec 11, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset...Show more
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS response packet, causing out-of-bounds reads that lead to Denial-of-Service.Show less
CVE-2020-24337
1Altran
2Picotcp
Picotcp Ng
Nov 21, 2024
Dec 11, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by achieving an infinite...Show more
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by achieving an infinite loop in the code that parses TCP options, aka tcp_parse_options() in pico_tcp.c.Show less