Unrated severityNVD Advisory· Published May 3, 2022· Updated Apr 16, 2025
NXP MCUXpresso SDK Integer Overflow or Wraparound
CVE-2021-27421
Description
NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to integer overflow in SDK_Malloc function, which could allow to access memory locations outside the bounds of a specified array, leading to unexpected behavior such segmentation fault when assigning a particular block of memory from the heap via malloc.
Affected products
2<2.8.2+ 1 more
- (no CPE)range: <2.8.2
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
2- mcuxpresso.nxp.com/en/welcomemitrex_refsource_CONFIRM
- www.cisa.gov/uscert/ics/advisories/icsa-21-119-04mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.