CVE-2018-16601

An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.

Published : 2018-12-06 23:29 Updated : 2019-01-03 23:59

6.8
CVSS Score More info
Score 6.8 / 10
6.8
Vendor Product Version URI
Amazon Amazon Web Services Freertos 1.3.1 cpe:/a:amazon:amazon_web_services_freertos:1.3.1
Amazon Freertos 10.0.1 cpe:/a:amazon:freertos:10.0.1
  1. Amazon (2) Search CVE
    1. Freertos (1) Search CVE
      1. 10.0.1
    2. Amazon Web Services Freertos (1) Search CVE
      1. 1.3.1

CWE

ID Name Description Links
CWE-191 Integer Underflow (Wrap or Wraparound) The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result. CVE

History of changes

Date Event
2019-01-03 23:59
2018-12-06 23:29

New CVE