JFrog Security Research
< Back

XRAY-194050 - NicheStack TCP URG DoS

CVE-2021-31400 | CVSS 7.5

JFrog Severity:high

Discovered ByDenys Vozniukof the JFrog Security Research Team

Published 4 Aug, 2021 | Last updated 4 Aug, 2021

NicheStack TCP out-of-band urgent data processing DoS

InterNiche TCP/IP stack

InterNiche (, 4.3), fixed in 4.3

NicheStack TCP out-of-band urgent data processing function invokes a panic function if the pointer to the end of the out-of-band urgent data points out of the TCP segment’s data, which results in DoS (either an infinite loop or interrupt thrown, depending on NicheStack version)

No PoC is supplied for this issue

No vulnerability mitigations are supplied for this issue

(JFrog) INFRA:HALT New Vulnerabilities Impacting OT and Critical Infrastructure


< Back