An issue was discovered in uIP through 1.0, as used in Contiki and Contiki-NG. Domain name parsing lacks bounds checks, allowing an attacker to corrupt memory with crafted DNS packets.
https://www.kb.cert.org/vuls/id/815128
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-01
https://github.com/contiki-os/contiki