{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "0" }, { "fixed": "4.8" } ] }, "events": [ { "introduced": "0" }, { "fixed": "9771e9aaebbfbb5633ce69eb9876e0fc70bbcd6f" } ], "repo": "https://github.com/contiki-ng/contiki-ng", "type": "GIT" } ] } ], "aliases": [ "GHSA-2j9c-7754-w4cw" ], "database_specific": { "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-125" ], "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/36xxx/CVE-2022-36053.json" }, "details": "Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The low-power IPv6 network stack of Contiki-NG has a buffer module (os/net/ipv6/uipbuf.c) that processes IPv6 extension headers in incoming data packets. As part of this processing, the function uipbuf_get_next_header casts a pointer to a uip_ext_hdr structure into the packet buffer at different offsets where extension headers are expected to be found, and then reads from this structure. Because of a lack of bounds checking, the casting can be done so that the structure extends beyond the packet's end. Hence, with a carefully crafted packet, it is possible to cause the Contiki-NG system to read data outside the packet buffer. A patch that fixes the vulnerability is included in Contiki-NG 4.8.", "id": "CVE-2022-36053", "modified": "2026-04-01T23:09:32.985681312Z", "published": "2022-09-01T12:00:15Z", "references": [ { "type": "ADVISORY", "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/36xxx/CVE-2022-36053.json" }, { "type": "ADVISORY", "url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-2j9c-7754-w4cw" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36053" }, { "type": "FIX", "url": "https://github.com/contiki-ng/contiki-ng/pull/1648" } ], "schema_version": "1.7.3", "severity": [ { "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "type": "CVSS_V3" } ], "summary": "Out-of-bounds read in the uIP buffer module" }