{"id":"CVE-2022-29859","details":"component/common/network/dhcp/dhcps.c in ambiot amb1_sdk (aka SDK for Ameba1) before 2022-03-11 mishandles data structures for DHCP packet data.","modified":"2026-04-12T02:56:46.911654Z","published":"2022-04-27T23:15:08.023Z","references":[{"type":"ADVISORY","url":"https://www.amebaiot.com/zh/security_bulletin/cve-2022-29859/"},{"type":"FIX","url":"https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ambiot/amb1_sdk","events":[{"introduced":"0"},{"fixed":"4b73f58f32914d0081d79a79e53a3215c8c1ea56"}]},{"type":"GIT","repo":"https://github.com/ambiot/amb1_sdk","events":[{"introduced":"0"},{"fixed":"4b73f58f32914d0081d79a79e53a3215c8c1ea56"}]}],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"2022-03-11"}]},{"events":[{"introduced":"0"},{"fixed":"2022-03-11"}]}],"vanir_signatures":[{"deprecated":false,"target":{"function":"dhcps_deinit","file":"component/common/network/dhcp/dhcps.c"},"signature_version":"v1","id":"CVE-2022-29859-4ba713b7","signature_type":"Function","digest":{"function_hash":"291114112519028890033351036565576565747","length":219},"source":"https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56"},{"deprecated":false,"target":{"function":"dhcps_initialize_message","file":"component/common/network/dhcp/dhcps.c"},"signature_version":"v1","id":"CVE-2022-29859-5a2c03ae","signature_type":"Function","digest":{"function_hash":"105933214576759085143573806542003923193","length":1024},"source":"https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56"},{"deprecated":false,"target":{"function":"save_client_addr","file":"component/common/network/dhcp/dhcps.c"},"signature_version":"v1","id":"CVE-2022-29859-5e646d57","signature_type":"Function","digest":{"function_hash":"114354155116692136080967469798899615595","length":549},"source":"https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56"},{"deprecated":false,"target":{"file":"component/common/network/dhcp/dhcps.h"},"signature_version":"v1","id":"CVE-2022-29859-6f5013c7","signature_type":"Line","digest":{"line_hashes":["285191295460418589862265370550333046801","94032478483209623077261973974306407251","176806184268912275594319330559605270911","80682713767372177231770223139115388862","254503617561879773191662796000483727265","23311733103638375607231851805704447102","266389069263634273723541820912475074182","63366016456100560140971939389459316810"],"threshold":0.9},"source":"https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56"},{"deprecated":false,"target":{"file":"component/common/network/dhcp/dhcps.c"},"signature_version":"v1","id":"CVE-2022-29859-70a09f3d","signature_type":"Line","digest":{"line_hashes":["291445163371203785982146036090866003955","120918151420912492088975622484957118905","130303711588593574148401493792427847219","326726851799010797986026732754774630476","39520866510314079807393595542737979032","327756241967802799185708693624287699140","698892690604680764082655667827772708","155579776757403224260909966776474604998","339819650085239134207402618349272206543","230875728414836428376504375382778434101","134396895743066278582506855942017130914","272251967722327522059149129381434233104","83852177926531661811561011985526948975","317779292290891377995434456118829072259","249930842729742985134669034527883717643","236578104464808300684097122401352530243","173168199212897459517061675747482626279","91873760152695030276646661042926726269","316678743729196197079790021971423555238","228938893857165793481032588583839034943","331661283879935113973218227774798705877","300968593220656975617235799889805872480","265668330918684633062739616623594403008","337888794383692012399510127642953757693","113241929157237561149296889235604977204","38233426058779820313515573397659396087","227374999064034710108469687876467433175","125067824994813475659679017011534597763","44588380516161847252465658960858776391","175573542858356034622581552776741553564","216995448377472681522028099019265530876","19837479501945094603107931524333197925","338212412571022778328116099027272656712","297511905959271592568296094940198409099","68185568246180097624958646228526387879","238799348216146498726909956918602628975","167661103020584074289882246246013387294","58293672066787687586500870683435953739","145671568004270083407334144649057665295","229002878782397344188189659815854622973","34951573533297676716442249719459119451","229845762030301516591765914136510133206","153271994844119752941559035866720261728","171530735196272175089795838960754423865","18595368011190749091709156119512118589","8385618273229419878943495703679403135","44652449582891339208026119055899432946","254636757974549752813426141810163575588","4054706654680752011685068005713063972","140587628153473863846943718602590179012","310816155708957801201987730370154457659","59380196466127304489746219862866419559","49200311626911508535128918771135476807","152857494629964902003781505085334634321","256033331659597729918789177763902424699","319714912171725136409871375891178876532","178629222657083436635403133460166511568","233025486437385769494233221989531697457","79341987341545801482970726147666867486","11566794793708805478176244679710264614","258283164361187964000799483771171836717","100141869346617802890649001798926083285","157706663626456647032597739081772480014","172772888781117431301294581478698300759","142603344196329650025271081520285859601","183623162898835768687098198519056015250","9164897991441591649846051160337405107","170725070985248386724656119720692044252","230723380659667758717392635939500151763","223470775272951676265088549724435164758","259041690869021166208852735816997675831","19548612035145498005426551027958419793","139703852780096312354188289423007095620","264854031259736916620363357333711720926","149394509797972609944027027183632649527","27034765993243988747879192430587534331","83176858448326058047856008196121838926","69986082211213575534955468207779687025","66159816871824705738471056620893487463","238894282175733903906650799619300077684","255811921735630338007525036295220707847","138810772691367288770110868697692117316","222348354121221368764547993963790452153","108743619159748344858094788764027975431","150729610897924334133306357685528338322","216299510952950555475777924849057935672","173654841835886238564061604620925008023","266887036073548620930445966705242671533","319069804119486135083188115977883048649","227818688220674312897708775671388710570","319470430795790793248438813527893920282","27287905319600845684897330461502688951","64317749336216355663306777668770729918","309705397337424267263549590013203791176","243349104719324555387472536331433820557","73637510649981691265520084894047763425","82146595727884916426717691220565125013","197389776132074060203450473569662991418","259392441613999065143568700082236593343","11441158764654711340748390648424912722","254384094397522695029027397710723375507","79135627585740530712899749053619935324","52013136674303610893562436723205233132","60473732767392592945806538647707709460","195357922728932863001993716123797403315","92204991405706992468415291521559090804","324791770460131661951717237294097858389","264055357617492969353027417905581581306","78572556016989304322010203391300350136","57985726037097784965164132554802398093","2562381652516033122515627069128881991","125326357127625016772258111872606541967","56216016693399490220424065865464289794","225401400114902938438313564732848390042","131894760921873889048372414990183719047","128512092545567061855289967785256166752","142452341658301919003258755101280136539","133409070981030349426962035456050359392","233178603244931728594005397853810159649","215601869854426013570888803794008141402","89790532412357164009537325112859791220","57985726037097784965164132554802398093","97462369948811610055977473720248614786","149911242249164605384230336997651888578","153506424833950989785834558135019566973","175357252240474604696641407564601056699","215943099963767144376355999984029449040","60698056919247424868252643055631718037","270114937796794907009424683342941474328","140259600722659243754877581831470000168","212119623381220575208313405041790932361","43033345623267558171978228912844729989","3143781481586730785995815891489751881","287842126183732735321982515672064201097","33240600129366941046471990838422448386","109877661292362532166897551938210686577","222860920853855057795954075865804197402","298140680563513081645427105022349128864","262904531850965802965869608691745854989","103284925775438848079221386060002084161","323909750081571654422886797150740077103","172733104641635023313754254540263078438","83770718695746040321937862818147287310","159887954350951542138598721788455951334","119491115912130368110877917927275407277","12012087419454164777973588034463921535","231386936350211720173447182836295144661","318769136100669154992988579240218066828","274095128274499995574109017040309103811","323267053944236622415968175823205634099","267832385874300576523985522656337366628","297535608155218012183279539938961565216","23044166899289914981772231185871614074","198251094352932279664172419262963945787","171692073329454833993843310279273068415","36956875252263023679473889311244182917","295438728621599188436754475789103690488","293985078361499662195437992116773529587","65497597488025406281754702545880847113","4589689042389125504381691812093722351","288646527220946182235285773807960388507","214375596695111353791067732704532673283","167319591749075115750327455681912773279","17422457585739919163915928421917824852","302718176894090386058786843754396866171","18266997990496052845615006203328382669","118963868875786008644944342815679270137","94015483720528850831718510448733440578","176877409472433617803547001556946609514","308891384455492285383702166048405378356","36294850017313144739549183579551601374","304413996456894389749094582530709169956","149893998967631390196788033216870012772","299508893535407023088134517502692968321","77846637666368262226750120809943548362","156248474346480935121630109182824192540"],"threshold":0.9},"source":"https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56"},{"deprecated":false,"target":{"function":"search_next_ip","file":"component/common/network/dhcp/dhcps.c"},"signature_version":"v1","id":"CVE-2022-29859-722355cf","signature_type":"Function","digest":{"function_hash":"37743513199583370674845934711924629776","length":689},"source":"https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56"},{"deprecated":false,"target":{"function":"mark_ip_in_table","file":"component/common/network/dhcp/dhcps.c"},"signature_version":"v1","id":"CVE-2022-29859-9fd75ee6","signature_type":"Function","digest":{"function_hash":"57340397543012315515920181773138271138","length":2031},"source":"https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56"},{"deprecated":false,"target":{"function":"dhcps_init","file":"component/common/network/dhcp/dhcps.c"},"signature_version":"v1","id":"CVE-2022-29859-ad0540be","signature_type":"Function","digest":{"function_hash":"123276534848902254584711847237942711831","length":2582},"source":"https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56"},{"deprecated":false,"target":{"function":"add_offer_options","file":"component/common/network/dhcp/dhcps.c"},"signature_version":"v1","id":"CVE-2022-29859-b514deb2","signature_type":"Function","digest":{"function_hash":"334008810528339935081067530171461377807","length":1027},"source":"https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56"},{"deprecated":false,"target":{"function":"dhcps_send_offer","file":"component/common/network/dhcp/dhcps.c"},"signature_version":"v1","id":"CVE-2022-29859-b591e523","signature_type":"Function","digest":{"function_hash":"339493540245046469138485466654295169691","length":1122},"source":"https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56"},{"deprecated":false,"target":{"function":"dhcps_handle_state_machine_change","file":"component/common/network/dhcp/dhcps.c"},"signature_version":"v1","id":"CVE-2022-29859-bb093b09","signature_type":"Function","digest":{"function_hash":"142651198784504599834703649386496719801","length":2489},"source":"https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56"},{"deprecated":false,"target":{"function":"dhcps_receive_udp_packet_handler","file":"component/common/network/dhcp/dhcps.c"},"signature_version":"v1","id":"CVE-2022-29859-cc404194","signature_type":"Function","digest":{"function_hash":"305248087711816882783707287091077398484","length":1751},"source":"https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56"},{"deprecated":false,"target":{"function":"dhcps_send_ack","file":"component/common/network/dhcp/dhcps.c"},"signature_version":"v1","id":"CVE-2022-29859-dad66565","signature_type":"Function","digest":{"function_hash":"118905728679681144945898812850034547079","length":333},"source":"https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56"}],"vanir_signatures_modified":"2026-04-12T02:56:46Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-29859.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}