MidnightBSD

Advisories for virtualsquare

CVE-2023-35846

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not check the transport layer length in a frame before performing port filtering.

Products Affected

Vendor Product Version
virtualsquare picotcp *
CVE-2023-35847

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not have an MSS lower bound (e.g., it could be zero).

Products Affected

Vendor Product Version
virtualsquare picotcp *
CVE-2023-35848

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 lacks certain size calculations before attempting to set a value of an mss structure member.

Products Affected

Vendor Product Version
virtualsquare picotcp *
CVE-2023-35849

VirtualSquare picoTCP (aka PicoTCP-NG) through 2.1 does not properly check whether header sizes would result in accessing data outside of a packet.

Products Affected

Vendor Product Version
virtualsquare picotcp *