The NicheStack routine for parsing DNS domain names does not check whether a compression pointer points within the bounds of a packet, which leads to OOB-R
InterNiche (, 4.3), fixed in 4.3
An issue was discovered in HCC Embedded NicheStack IPv4 4.1. The dnc_copy_in routine for parsing DNS domain names does not check whether a domain name compression pointer is pointing within the bounds of the packet (e.g., forward compression pointer jumps are allowed), which leads to an Out-of-bounds Read, and a Denial-of-Service as a consequence.
No PoC is supplied for this issue
If not needed, disable the NicheStack DNS client through the NicheStack CLI
(JFrog) INFRA:HALT New Vulnerabilities Impacting OT and Critical Infrastructure