Vulnerability Details CVE-2020-17529
Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying and invalid fragmentation offset value specified in the IP header. This is only impacts builds with both CONFIG_EXPERIMENTAL and CONFIG_NET_TCP_REASSEMBLY build flags enabled.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 79.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 6.8
References
- http://www.openwall.com/lists/oss-security/2020/12/09/5
- https://lists.apache.org/thread.html/r4d71ae3ab96b589835b94ba7ac4cb88a704e7307bceefeab749366f3%40%3Cdev.nuttx.apache.org%3E
- https://lists.apache.org/thread.html/r4d71ae3ab96b589835b94ba7ac4cb88a704e7307bceefeab749366f3%40%3Cdev.nuttx.apache.org%3E
- http://www.openwall.com/lists/oss-security/2020/12/09/5
- https://lists.apache.org/thread.html/r4d71ae3ab96b589835b94ba7ac4cb88a704e7307bceefeab749366f3%40%3Cdev.nuttx.apache.org%3E
- https://lists.apache.org/thread.html/r4d71ae3ab96b589835b94ba7ac4cb88a704e7307bceefeab749366f3%40%3Cdev.nuttx.apache.org%3E
Products affected by CVE-2020-17529
-
cpe:2.3:a:apache:nuttx:1.0
-
cpe:2.3:a:apache:nuttx:1.1
-
cpe:2.3:a:apache:nuttx:1.2
-
cpe:2.3:a:apache:nuttx:10.0.0
-
cpe:2.3:a:apache:nuttx:2.1
-
cpe:2.3:a:apache:nuttx:2.2
-
cpe:2.3:a:apache:nuttx:2.3
-
cpe:2.3:a:apache:nuttx:2.4
-
cpe:2.3:a:apache:nuttx:2.5
-
cpe:2.3:a:apache:nuttx:2.6
-
cpe:2.3:a:apache:nuttx:2.7
-
cpe:2.3:a:apache:nuttx:2.8
-
cpe:2.3:a:apache:nuttx:3.0
-
cpe:2.3:a:apache:nuttx:3.1
-
cpe:2.3:a:apache:nuttx:3.10
-
cpe:2.3:a:apache:nuttx:3.11
-
cpe:2.3:a:apache:nuttx:3.12
-
cpe:2.3:a:apache:nuttx:3.13
-
cpe:2.3:a:apache:nuttx:3.14
-
cpe:2.3:a:apache:nuttx:3.15
-
cpe:2.3:a:apache:nuttx:3.16
-
cpe:2.3:a:apache:nuttx:3.17
-
cpe:2.3:a:apache:nuttx:3.18
-
cpe:2.3:a:apache:nuttx:3.19
-
cpe:2.3:a:apache:nuttx:3.2
-
cpe:2.3:a:apache:nuttx:3.3
-
cpe:2.3:a:apache:nuttx:3.4
-
cpe:2.3:a:apache:nuttx:3.5
-
cpe:2.3:a:apache:nuttx:3.6
-
cpe:2.3:a:apache:nuttx:3.6.1
-
cpe:2.3:a:apache:nuttx:3.7
-
cpe:2.3:a:apache:nuttx:3.8
-
cpe:2.3:a:apache:nuttx:3.9
-
cpe:2.3:a:apache:nuttx:4.0
-
cpe:2.3:a:apache:nuttx:4.1
-
cpe:2.3:a:apache:nuttx:4.10
-
cpe:2.3:a:apache:nuttx:4.11
-
cpe:2.3:a:apache:nuttx:4.12
-
cpe:2.3:a:apache:nuttx:4.13
-
cpe:2.3:a:apache:nuttx:4.14
-
cpe:2.3:a:apache:nuttx:4.2
-
cpe:2.3:a:apache:nuttx:4.3
-
cpe:2.3:a:apache:nuttx:4.4
-
cpe:2.3:a:apache:nuttx:4.5
-
cpe:2.3:a:apache:nuttx:4.6
-
cpe:2.3:a:apache:nuttx:4.7
-
cpe:2.3:a:apache:nuttx:4.8
-
cpe:2.3:a:apache:nuttx:4.9
-
cpe:2.3:a:apache:nuttx:5.0
-
cpe:2.3:a:apache:nuttx:5.1
-
cpe:2.3:a:apache:nuttx:5.10
-
cpe:2.3:a:apache:nuttx:5.11
-
cpe:2.3:a:apache:nuttx:5.12
-
cpe:2.3:a:apache:nuttx:5.13
-
cpe:2.3:a:apache:nuttx:5.14
-
cpe:2.3:a:apache:nuttx:5.15
-
cpe:2.3:a:apache:nuttx:5.16
-
cpe:2.3:a:apache:nuttx:5.17
-
cpe:2.3:a:apache:nuttx:5.18
-
cpe:2.3:a:apache:nuttx:5.19
-
cpe:2.3:a:apache:nuttx:5.2
-
cpe:2.3:a:apache:nuttx:5.3
-
cpe:2.3:a:apache:nuttx:5.4
-
cpe:2.3:a:apache:nuttx:5.5
-
cpe:2.3:a:apache:nuttx:5.6
-
cpe:2.3:a:apache:nuttx:5.7
-
cpe:2.3:a:apache:nuttx:5.8
-
cpe:2.3:a:apache:nuttx:5.9
-
cpe:2.3:a:apache:nuttx:6.0
-
cpe:2.3:a:apache:nuttx:6.1
-
cpe:2.3:a:apache:nuttx:6.10
-
cpe:2.3:a:apache:nuttx:6.11
-
cpe:2.3:a:apache:nuttx:6.12
-
cpe:2.3:a:apache:nuttx:6.13
-
cpe:2.3:a:apache:nuttx:6.14
-
cpe:2.3:a:apache:nuttx:6.15
-
cpe:2.3:a:apache:nuttx:6.16
-
cpe:2.3:a:apache:nuttx:6.17
-
cpe:2.3:a:apache:nuttx:6.18
-
cpe:2.3:a:apache:nuttx:6.19
-
cpe:2.3:a:apache:nuttx:6.2
-
cpe:2.3:a:apache:nuttx:6.20
-
cpe:2.3:a:apache:nuttx:6.21
-
cpe:2.3:a:apache:nuttx:6.22
-
cpe:2.3:a:apache:nuttx:6.23
-
cpe:2.3:a:apache:nuttx:6.24
-
cpe:2.3:a:apache:nuttx:6.25
-
cpe:2.3:a:apache:nuttx:6.26
-
cpe:2.3:a:apache:nuttx:6.27
-
cpe:2.3:a:apache:nuttx:6.28
-
cpe:2.3:a:apache:nuttx:6.29
-
cpe:2.3:a:apache:nuttx:6.3
-
cpe:2.3:a:apache:nuttx:6.30
-
cpe:2.3:a:apache:nuttx:6.31
-
cpe:2.3:a:apache:nuttx:6.32
-
cpe:2.3:a:apache:nuttx:6.33
-
cpe:2.3:a:apache:nuttx:6.4
-
cpe:2.3:a:apache:nuttx:6.5
-
cpe:2.3:a:apache:nuttx:6.6
-
cpe:2.3:a:apache:nuttx:6.7
-
cpe:2.3:a:apache:nuttx:6.8
-
cpe:2.3:a:apache:nuttx:6.9
-
cpe:2.3:a:apache:nuttx:7.1
-
cpe:2.3:a:apache:nuttx:7.10
-
cpe:2.3:a:apache:nuttx:7.11
-
cpe:2.3:a:apache:nuttx:7.12
-
cpe:2.3:a:apache:nuttx:7.13
-
cpe:2.3:a:apache:nuttx:7.14
-
cpe:2.3:a:apache:nuttx:7.15
-
cpe:2.3:a:apache:nuttx:7.16
-
cpe:2.3:a:apache:nuttx:7.17
-
cpe:2.3:a:apache:nuttx:7.18
-
cpe:2.3:a:apache:nuttx:7.19
-
cpe:2.3:a:apache:nuttx:7.2
-
cpe:2.3:a:apache:nuttx:7.20
-
cpe:2.3:a:apache:nuttx:7.21
-
cpe:2.3:a:apache:nuttx:7.22
-
cpe:2.3:a:apache:nuttx:7.23
-
cpe:2.3:a:apache:nuttx:7.24
-
cpe:2.3:a:apache:nuttx:7.25
-
cpe:2.3:a:apache:nuttx:7.26
-
cpe:2.3:a:apache:nuttx:7.27
-
cpe:2.3:a:apache:nuttx:7.28
-
cpe:2.3:a:apache:nuttx:7.29
-
cpe:2.3:a:apache:nuttx:7.3
-
cpe:2.3:a:apache:nuttx:7.30
-
cpe:2.3:a:apache:nuttx:7.31
-
cpe:2.3:a:apache:nuttx:7.4
-
cpe:2.3:a:apache:nuttx:7.5
-
cpe:2.3:a:apache:nuttx:7.6
-
cpe:2.3:a:apache:nuttx:7.7
-
cpe:2.3:a:apache:nuttx:7.8
-
cpe:2.3:a:apache:nuttx:7.9
-
cpe:2.3:a:apache:nuttx:8.1
-
cpe:2.3:a:apache:nuttx:8.2
-
cpe:2.3:a:apache:nuttx:9.0.0
-
cpe:2.3:a:apache:nuttx:9.1.0