VYPR
Unrated severityNVD Advisory· Published May 3, 2022· Updated Apr 16, 2025

NXP MCUXpresso SDK Integer Overflow or Wraparound

CVE-2021-27421

Description

NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to integer overflow in SDK_Malloc function, which could allow to access memory locations outside the bounds of a specified array, leading to unexpected behavior such segmentation fault when assigning a particular block of memory from the heap via malloc.

Affected products

2
  • Nxp/MCUXpresso SDKllm-create2 versions
    <2.8.2+ 1 more
    • (no CPE)range: <2.8.2
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.