58 matches found
Micrium uC-HTTP Buffer Error Vulnerability
Micrium uC-HTTP is a software from Micrium USA that provides TCP/IP functionality for devices. The software is designed for embedded applications with a compact, reliable, high-performance TCP/IP stack with dual support for IPv4 and IPv6. A buffer error vulnerability exists in Micrium uC-HTTP...
Micrium uC-HTTP Security Vulnerability
Micrium uC-HTTP is a software from Micrium USA that provides TCP/IP functionality for devices. The software is designed for embedded applications with a compact, reliable, high-performance TCP/IP stack with dual support for IPv4 and IPv6. A security vulnerability exists in Micrium uC-HTTP version...
PT-2023-20830 · Silicon · Silicon Labs Gecko Sdk
Name of the Vulnerable Software and Affected Versions: Silicon Labs Gecko SDK versions 4.2.3 and earlier Description: The issue allows a connected device to write a payload onto the stack due to a buffer overflow in the Wi-Fi Commissioning MicriumOS example. Recommendations: For Silicon Labs Geck...
The vulnerability of the Micrium real-time operating system’s HTTP server allows attackers to execute arbitrary code.
The vulnerability of a real-time Micrium operating system’s HTTP server relates to buffer overflow attacks. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code by sending a specially crafted HTTP request...
CVE-2022-24942
Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request...
CVE-2022-24942
Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request...
Heap overflow
Heap based buffer overflow in HTTP Server functionality in Micrium uC-HTTP 3.01.01 allows remote code execution via HTTP request...
Micrium uC-HTTP 缓冲区错误漏洞
Micrium uC-HTTP is a software from Micrium USA that provides TCP/IP functionality for devices. The software is designed for embedded applications with a compact, reliable, high-performance TCP/IP stack with dual support for IPv4 and IPv6. A security vulnerability exists in Micrium uC-HTTP version...
CVE-2022-24942
CVE-2022-24942 affects Micrium uC-HTTP 3.01.01’s HTTP Server. The vulnerability is a heap-based buffer overflow in the server's HTTP handling, enabling remote code execution via a crafted HTTP request over the network. According to the connected sources, the impact can be high on confidentiality,...
PT-2022-6321 · Silicon +1 · Gecko Sdk +1
Name of the Vulnerable Software and Affected Versions: Micrium uC-HTTP version 3.01.01 Silicon Labs Gecko SDK affected versions not specified Description: The issue is related to a heap-based buffer overflow in the HTTP server functionality. This can be exploited by sending a specially crafted HT...
CVE-2021-27411
Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...
CVE-2021-27411
Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...
Integer overflow
Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...
CVE-2021-27411 Micrium OS Integer Overflow or Wraparound
Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...
CVE-2021-27411
CVE-2021-27411 affects Micrium OS versions 5.10.1 and earlier. The issue is an integer wrap-around in Mem_DynPoolCreate, Mem_DynPoolCreateHW and Mem_PoolCreate, causing unverified memory assignments that can allocate arbitrary memory sizes (e.g., very small blocks instead of very large blocks). T...
CVE-2021-27411 Micrium OS Integer Overflow or Wraparound
Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...
CVE-2021-26706
An issue was discovered in libmem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: MemPoolCreate, MemDynPoolCreate, and MemDynPoolCreateHW. Because these functions...
CVE-2021-26706
An issue was discovered in libmem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: MemPoolCreate, MemDynPoolCreate, and MemDynPoolCreateHW. Because these functions...
Integer overflow
An issue was discovered in libmem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: MemPoolCreate, MemDynPoolCreate, and MemDynPoolCreateHW. Because these functions...
CVE-2021-26706
The CVE-2021-26706 issue affects Micrium uC/OS uC/LIB 1.38.x and 1.39.00, where Mem_PoolCreate, Mem_DynPoolCreate, and Mem_DynPoolCreateHW can overflow when pool sizes exceed address space due to multiplication in size calculations. This can yield a smaller-than-expected memory pool and may be ex...