CVE-2021-38311

In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands, which may lead to infinite acknowledgment loops, denial of service, and excessive CPU consumption.
References
Link Resource
https://github.com/contiki-os/contiki/issues/2685 Exploit Issue Tracking Patch Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:contiki-os:contiki:3.0:*:*:*:*:*:*:*

Information

Published : 2021-08-09 22:15

Updated : 2021-08-17 18:36


NVD link : CVE-2021-38311

Mitre link : CVE-2021-38311


JSON object : View

Products Affected

contiki-os

  • contiki
CWE
CWE-835

Loop with Unreachable Exit Condition ('Infinite Loop')