Memory Space Copy Vulnerability in Amazon Web Services (AWS) FreeRTOS and WITTENSTEIN WHIS Connect Middleware
CVE-2018-16601 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.
Learn more about our Cis Benchmark Audit For Amazon Web Services.