<p>Upgrade <code>riot-os/riot</code> to version 2023.04 or higher.</p>

Unchecked Return Value Affecting riot-os/riot package, versions [,2023.04)

Snyk CVSS

Attack Complexity Low

Availability High

Threat Intelligence

EPSS 0.15% (50^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-UNMANAGED-RIOTOSRIOT-5662261
published 31 May 2023
disclosed 31 May 2023
credit Diff-fusion

Report a new vulnerability Found a mistake?

Introduced: 31 May 2023

CVE-2023-24825 Open this link in a new tab CWE-252 Open this link in a new tab

How to fix?

Upgrade riot-os/riot to version 2023.04 or higher.

Overview

Affected versions of this package are vulnerable to Unchecked Return Value such that an attacker can send a crafted frame to the device to trigger a NULL pointer dereference leading to denial of service.

References

GitHub Commit
GitHub Release
Vulnerable Code
Vulnerable Code
Vulnerable Code
Vulnerable Code
Vulnerable Code