VYPR
Unrated severityNVD Advisory· Published Jun 21, 2021· Updated Aug 3, 2024

malloc, realloc and memalign implementations are vulnerable to integer wrap-arounds

CVE-2021-26461

Description

Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.

Affected products

2
  • Apache/Nuttxllm-fuzzy
    Range: <10.1.0
  • Apache Software Foundation/Apache NuttXv5
    Range: Apache NuttX

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.