Vulnerabilities > CVE-2018-16601 - Integer Underflow (Wrap or Wraparound) vulnerability in Amazon web Services Freertos and Freertos

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL

Summary

An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.

Vulnerable Configurations

Part Description Count
Application
Amazon
2

Common Weakness Enumeration (CWE)