Memory Space Copy Vulnerability in Amazon Web Services (AWS) FreeRTOS and WITTENSTEIN WHIS Connect Middleware

Memory Space Copy Vulnerability in Amazon Web Services (AWS) FreeRTOS and WITTENSTEIN WHIS Connect Middleware

CVE-2018-16601 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.

Learn more about our Cis Benchmark Audit For Amazon Web Services.