CVE-2023-24817
NixOS vulnerability analysis and mitigation

Overview

RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a high-severity vulnerability (CVE-2023-24817) in the 6LoWPAN frame processing of its network stack. Versions prior to 2023.04 are affected; the issue was patched in version 2023.04. The affected component is the RPL Source Routing Header (SRH) processing in the network stack (GitHub Advisory).

Technical details

The vulnerability is an integer underflow in the index calculation used to select the next hop from the array of addresses that follows the routing header. When the routing header length (rh->len) is zero, the address count computed from it is zero, the subtraction that derives the next-hop index wraps around, and the resulting index is used to fetch an address from outside the bounds of the packet buffer. The issue is rated High severity with a CVSS v3.1 base score of 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H): exploitable remotely with no privileges or user interaction, with impact limited to availability. It is classified under CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-191 (Integer Underflow) (GitHub Advisory, NVD).
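The following is an added illustration of the bug class described above; it is not RIOT-OS code and not the upstream fix. It models a simplified RFC 6554-style source routing header (the struct srh_t and the function names are hypothetical; only the rh->len field is taken from the advisory) and places the unchecked index computation beside a hardened one that rejects a zero-length header, inconsistent padding, a seg_left value larger than the address count, and an address array shorter than the header claims.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SRH_ADDR_LEN 16u   /* one uncompressed IPv6 address */

/* Hypothetical simplified source routing header (modelled on RFC 6554,
 * not RIOT-OS's own struct): len counts 8-octet units after the first
 * 8 octets, seg_left is the number of hops still to visit, pad is the
 * number of trailing padding octets (0..7). */
typedef struct {
    uint8_t len;
    uint8_t seg_left;
    uint8_t pad;
} srh_t;

/* Vulnerable pattern: the index is derived in unsigned arithmetic with no
 * sanity check on rh->len. With len == 0 the address count is 0, and
 * 0 - seg_left wraps to SIZE_MAX, so a caller that indexes the address
 * array with the result reads far outside the packet buffer. */
static size_t srh_next_hop_index_vulnerable(const srh_t *rh)
{
    size_t n_addrs = ((size_t)rh->len * 8u - rh->pad) / SRH_ADDR_LEN;
    return n_addrs - rh->seg_left;   /* wraps when seg_left > n_addrs */
}

/* Hardened pattern: every quantity that feeds the index is validated before
 * the subtraction, and the selected address is checked against the length
 * of the buffer actually received, not the length the header advertises. */
static bool srh_next_hop_index_checked(const srh_t *rh, size_t addrs_len,
                                       size_t *idx_out)
{
    if (rh->len == 0 || rh->pad > 7) {
        return false;                 /* no address data, or Pad out of range */
    }
    size_t data_len = (size_t)rh->len * 8u;
    if (rh->pad >= data_len) {
        return false;                 /* padding would swallow the whole array */
    }
    size_t n_addrs = (data_len - rh->pad) / SRH_ADDR_LEN;
    if (rh->seg_left == 0 || rh->seg_left > n_addrs) {
        return false;                 /* nothing left to route, or index would wrap */
    }
    size_t idx = n_addrs - rh->seg_left;   /* RFC 6554: Address[n - Segments Left] */
    if (addrs_len / SRH_ADDR_LEN <= idx) {
        return false;                 /* received buffer is shorter than the header claims */
    }
    *idx_out = idx;
    return true;
}

/* Copy the next-hop address out of the array that follows the header, or
 * return false without touching memory when the header is malformed. */
static bool srh_fetch_next_hop(const srh_t *rh, const uint8_t *addrs,
                               size_t addrs_len, uint8_t out[SRH_ADDR_LEN])
{
    size_t idx;
    if (!srh_next_hop_index_checked(rh, addrs_len, &idx)) {
        return false;
    }
    memcpy(out, addrs + idx * SRH_ADDR_LEN, SRH_ADDR_LEN);
    return true;
}

int main(void)
{
    /* Constructed sample: a two-address array (0xAA.., 0xBB..) after a header
     * that says 32 octets of data and one segment left, then a crafted header
     * with len == 0 that the vulnerable computation turns into a huge index. */
    uint8_t addrs[2 * SRH_ADDR_LEN];
    memset(addrs, 0xAA, SRH_ADDR_LEN);
    memset(addrs + SRH_ADDR_LEN, 0xBB, SRH_ADDR_LEN);
    uint8_t out[SRH_ADDR_LEN];

    srh_t good = { .len = 4, .seg_left = 1, .pad = 0 };
    printf("good header: fetch %s, first octet 0x%02x\n",
           srh_fetch_next_hop(&good, addrs, sizeof(addrs), out) ? "ok" : "rejected",
           out[0]);

    srh_t crafted = { .len = 0, .seg_left = 1, .pad = 0 };
    printf("crafted header: vulnerable index = %zu, checked fetch %s\n",
           srh_next_hop_index_vulnerable(&crafted),
           srh_fetch_next_hop(&crafted, addrs, sizeof(addrs), out) ? "ok" : "rejected");
    return 0;
}
```

The check against addrs_len is the part most often forgotten: validating the header's own fields only proves the header is self-consistent, not that the frame delivered enough bytes to back the array it describes.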

Impact

A remote attacker can trigger the bug by sending a single crafted frame to the device; no authentication or user interaction is required. The integer underflow produces an out-of-bounds access into the packet buffer, and when the access lands at the right time it can corrupt other packets held in the buffer or the allocator's own metadata. If a pointer in that metadata is corrupted, the node crashes or stops forwarding, i.e. a denial of service. The CVSS vector records no confidentiality or integrity impact, only availability (GitHub Advisory).

Mitigation and workarounds

The vulnerability is fixed in RIOT-OS version 2023.04; upgrading is the recommended remediation. For deployments that cannot update immediately, the advisory's workaround is to disable SRH in the network stack (GitHub Advisory). Note that the SRH is how RPL non-storing mode delivers downward traffic, so a node with SRH disabled will no longer process source-routed packets in such a network; treat the workaround as temporary.

This report was generated using AI.

Related NixOS vulnerabilities:

CVE ID         | Severity | Score | Technologies | Component name | CISA KEV exploit | Has fix | Published date
CVE-2025-48606 | HIGH     | 7.8   | NixOS        | android        | No               | No      | Dec 08, 2025
CVE-2025-48625 | HIGH     | 7     | NixOS        | android        | No               | No      | Dec 08, 2025
CVE-2025-48608 | MEDIUM   | 5.5   | NixOS        | android        | No               | No      | Dec 08, 2025
CVE-2025-48569 | MEDIUM   | 5.5   | NixOS        | android        | No               | No      | Dec 08, 2025
CVE-2025-65799 | MEDIUM   | 4.3   | NixOS        | memos          | No               | Yes     | Dec 08, 2025
