CVE-2022-41873 Versions of Contiki-NG prior to 4.9 are vulnerable to an Out-of-bounds read.
This issue has been assigned the identifier CVE-2019-11833. Vendors are encouraged to apply the patch to their products as soon as possible. The patch information is available here: https://github.com/ContikiNet/contiki/tree/develop Vendors are encouraged to scan for vulnerable products and upgrade them. BlueZ 5.45 and later contain a new feature that allows automatic upgrade of the underlying stack whenever a new BlueZ version becomes available. This feature can be enabled by setting the switch bt upgrade_bluez_ whenever starting the stack. If Contiki-NG is used with a version prior to 4.9, then it is possible to exploit this issue. This issue has been verified against the latest BlueZ 5.45 release on Ubuntu 18.04.
Coordinated Vulnerability Disclosure
The vendor has been notified by Contiki-NG of this vulnerability. BlueZ is a popular Bluetooth stack, currently used by more than a billion devices. This issue happens when the bt upgrade_bluez_ command is sent to the stack without checking its validity.
Overview:
The issue
The issue is that the Contiki-NG process can be exploited by sending a specially crafted packet to the Bluetooth device. This can allow an attacker to execute malicious code on the stack without authentication. Specifically, this issue only affects devices with BlueZ 5.45 and later.
Vulnerability overview
The vulnerability allows an attacker to execute arbitrary code on the host. This could result in the complete compromise of a system or even a kernel panic.
Timeline
Published on: 11/11/2022 04:15:00 UTC
Last modified on: 11/18/2022 14:05:00 UTC