Read Time:22 Second
Posted by Meng Ruijie on Jan 17
[Suggested description]
An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. A buffer over-read exists in the dtls_sha256_update
function. This bug allows remote attackers to cause a denial of service (crash) and possibly read sensitive information
by sending a malformed packet with an over-large fragment length field, due to servers incorrectly handling malformed
packets.
[Vulnerability Type]
Buffer Overflow
[Vendor of…