VYPR

Micrium OS

by Micrium

CVEs (2)

  • CVE-2021-26706CriJan 24, 2022
    risk 0.64cvss 9.8epss 0.02

    An issue was discovered in lib_mem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: Mem_PoolCreate, Mem_DynPoolCreate, and Mem_DynPoolCreateHW.…

  • CVE-2021-27411MedMay 3, 2022
    risk 0.42cvss 6.5epss 0.01

    Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions Mem_DynPoolCreate, Mem_DynPoolCreateHW and Mem_PoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small…