{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-41126", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-07-15T15:53:28.323Z", "datePublished": "2024-11-27T18:20:43.701Z", "dateUpdated": "2024-11-27T19:22:41.923Z"}, "containers": {"cna": {"title": "Out-of-bounds read when decoding SNMP messages in Contiki-NG", "problemTypes": [{"descriptions": [{"cweId": "CWE-125", "lang": "en", "description": "CWE-125: Out-of-bounds Read", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-444j-93j3-5gj4", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-444j-93j3-5gj4"}, {"name": "https://github.com/contiki-ng/contiki-ng/pull/2937", "tags": ["x_refsource_MISC"], "url": "https://github.com/contiki-ng/contiki-ng/pull/2937"}], "affected": [{"vendor": "contiki-ng", "product": "contiki-ng", "versions": [{"version": "<= 4.9", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-11-27T18:20:43.701Z"}, "descriptions": [{"lang": "en", "value": "Contiki-NG is an open-source, cross-platform operating system for IoT devices. An out-of-bounds read of 1 byte can be triggered when sending a packet to a device running the Contiki-NG operating system with SNMP enabled. The SNMP module is disabled in the default Contiki-NG configuration. The vulnerability exists in the os/net/app-layer/snmp/snmp-message.c module, where the snmp_message_decode function fails to check the boundary of the message buffer when reading a byte from it immediately after decoding an object identifier (OID). The problem has been patched in Contiki-NG pull request 2937. It will be included in the next release of Contiki-NG. Users are advised to either apply the patch manually or to wait for the next release. A workaround is to disable the SNMP module in the Contiki-NG build configuration."}], "source": {"advisory": "GHSA-444j-93j3-5gj4", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41126", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-11-27T19:21:44.284259Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:contiki-ng:contiki-ng:-:*:*:*:*:*:*:*"], "vendor": "contiki-ng", "product": "contiki-ng", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "4.9"}], "defaultStatus": "unknown"}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-27T19:22:41.923Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41126", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-11-27T19:21:44.284259Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:contiki-ng:contiki-ng:-:*:*:*:*:*:*:*"], "vendor": "contiki-ng", "product": "contiki-ng", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "4.9"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-27T19:21:49.320Z"}}], "cna": {"title": "Out-of-bounds read when decoding SNMP messages in Contiki-NG", "source": {"advisory": "GHSA-444j-93j3-5gj4", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "contiki-ng", "product": "contiki-ng", "versions": [{"status": "affected", "version": "<= 4.9"}]}], "references": [{"url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-444j-93j3-5gj4", "name": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-444j-93j3-5gj4", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/contiki-ng/contiki-ng/pull/2937", "name": "https://github.com/contiki-ng/contiki-ng/pull/2937", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Contiki-NG is an open-source, cross-platform operating system for IoT devices. An out-of-bounds read of 1 byte can be triggered when sending a packet to a device running the Contiki-NG operating system with SNMP enabled. The SNMP module is disabled in the default Contiki-NG configuration. The vulnerability exists in the os/net/app-layer/snmp/snmp-message.c module, where the snmp_message_decode function fails to check the boundary of the message buffer when reading a byte from it immediately after decoding an object identifier (OID). The problem has been patched in Contiki-NG pull request 2937. It will be included in the next release of Contiki-NG. Users are advised to either apply the patch manually or to wait for the next release. A workaround is to disable the SNMP module in the Contiki-NG build configuration."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-125", "description": "CWE-125: Out-of-bounds Read"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2024-11-27T18:20:43.701Z"}}}, "cveMetadata": {"cveId": "CVE-2024-41126", "state": "PUBLISHED", "dateUpdated": "2024-11-27T19:22:41.923Z", "dateReserved": "2024-07-15T15:53:28.323Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2024-11-27T18:20:43.701Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:contiki-ng:contiki-ng:*:*:*:*:*:*:*:*", "matchCriteriaId": "5ECE789E-8C10-42CB-BD98-A301AC471904", "versionEndIncluding": "4.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Contiki-NG is an open-source, cross-platform operating system for IoT devices. An out-of-bounds read of 1 byte can be triggered when sending a packet to a device running the Contiki-NG operating system with SNMP enabled. The SNMP module is disabled in the default Contiki-NG configuration. The vulnerability exists in the os/net/app-layer/snmp/snmp-message.c module, where the snmp_message_decode function fails to check the boundary of the message buffer when reading a byte from it immediately after decoding an object identifier (OID). The problem has been patched in Contiki-NG pull request 2937. It will be included in the next release of Contiki-NG. Users are advised to either apply the patch manually or to wait for the next release. A workaround is to disable the SNMP module in the Contiki-NG build configuration."}, {"lang": "es", "value": "Contiki-NG es un sistema operativo multiplataforma de c\u00f3digo abierto para dispositivos IoT. Se puede activar una lectura fuera de los l\u00edmites de 1 byte al enviar un paquete a un dispositivo que ejecuta el sistema operativo Contiki-NG con SNMP habilitado. El m\u00f3dulo SNMP est\u00e1 deshabilitado en la configuraci\u00f3n predeterminada de Contiki-NG. La vulnerabilidad existe en el m\u00f3dulo os/net/app-layer/snmp/snmp-message.c, donde la funci\u00f3n snmp_message_decode no puede verificar el l\u00edmite del b\u00fafer de mensajes al leer un byte de \u00e9l inmediatamente despu\u00e9s de decodificar un identificador de objeto (OID). El problema se ha corregido en la solicitud de incorporaci\u00f3n de cambios 2937 de Contiki-NG. Se incluir\u00e1 en la pr\u00f3xima versi\u00f3n de Contiki-NG. Se recomienda a los usuarios que apliquen el parche manualmente o que esperen a la pr\u00f3xima versi\u00f3n. Un workaround es deshabilitar el m\u00f3dulo SNMP en la configuraci\u00f3n de compilaci\u00f3n de Contiki-NG."}], "id": "CVE-2024-41126", "lastModified": "2025-04-10T14:54:59.267", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-11-27T19:15:33.050", "references": [{"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/contiki-ng/contiki-ng/pull/2937"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/contiki-ng/contiki-ng/security/advisories/GHSA-444j-93j3-5gj4"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}