layout: page released: true apache: true title: 9.1.1 date: 2020-12-08 summary: > Release v9.1.1

artifact-root: “https://www.apache.org/dyn/closer.lua/incubator/nuttx/9.1.1” checksum-root: “https://downloads.apache.org/incubator/nuttx/9.1.1” key-file: “https://downloads.apache.org/incubator/nuttx/KEYS

source-os-dist:

  • “apache-nuttx-9.1.1-incubating.tar.gz” source-app-dist:
  • “apache-nuttx-apps-9.1.1-incubating.tar.gz”

{% include JB/setup %}

Apache NuttX-9.1.1 Release Notes

This is a security only patch release.

Security Issues Fixed In This Release

Both of the security fixes in this release are part of a larger group of vulnerabilities known as AMNESIA:33 that were identified as impacting many IoT TCP/IP stacks.

https://www.forescout.com/company/resources/amnesia33-how-tcp-ip-stacks-breed-critical-vulnerabilities-in-iot-ot-and-it-devices/

  • CVE-2020-17528 Out-Of-Bounds Write vulnerability in TCP stack allows attacker to cause memory corruption by supplying arbitrary urgent data pointer offsets within TCP packets including beyond the length of the packet.

  • CVE-2020-17529 Out-of-bounds Write vulnerability in TCP Stack allows attacker to cause memory corruption by supplying and invalid fragmentation offset value specified in the IP header. This is only impacts builds with both CONFIG_EXPERIMENTAL and CONFIG_NET_TCP_REASSEMBLY configuration flags enabled.