161 matches found
PYSEC-2024-96
A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mpvfsumount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit...
PYSEC-2024-88
A vulnerability was found in MicroPython 1.23.0. It has been rated as critical. Affected by this issue is the function mpzasbytes of the file py/objint.c. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and ma...
PYSEC-2024-92
A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is rather high. The...
PYSEC-2024-91
A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mpvfsumount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit...
CVE-2024-8948 MicroPython objint.c mpz_as_bytes heap-based overflow
A vulnerability was found in MicroPython 1.23.0. It has been rated as critical. Affected by this issue is the function mpzasbytes of the file py/objint.c. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and ma...
CVE-2024-8948
CVE-2024-8948 affects MicroPython 1.23.0; the vulnerability resides in the function mpz_as_bytes within py/objint.c, where converting zero from int to bytes triggers a heap-based buffer overflow. The issue can be exploited remotely, and public disclosures include a patch reference: 908ab1ceca15ee...
CVE-2024-8948 MicroPython objint.c mpz_as_bytes heap-based overflow
A vulnerability was found in MicroPython 1.23.0. It has been rated as critical. Affected by this issue is the function mpzasbytes of the file py/objint.c. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and ma...
CVE-2024-8948
A vulnerability was found in MicroPython 1.23.0. It has been rated as critical. Affected by this issue is the function mpzasbytes of the file py/objint.c. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and ma...
CVE-2024-8947
CVE-2024-8947 affects MicroPython 1.22.2, with a use-after-free in the objarray.c path when a bytes object is resized and copied into itself, potentially referencing freed memory. The vulnerability is exploitable remotely; attack complexity and authentication are high/none, with impact described ...
CVE-2024-8947 MicroPython objarray.c use after free
A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is rather high. The...
CVE-2024-8947 MicroPython objarray.c use after free
A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is rather high. The...
CVE-2024-8947
A vulnerability was found in MicroPython 1.22.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file py/objarray.c. The manipulation leads to use after free. The attack can be launched remotely. The complexity of an attack is rather high. The...
CVE-2024-8946
CVE-2024-8946 affects MicroPython 1.23.0 in the VFS unmount handler (mp_vfs_umount). The vulnerability arises from comparing the mounted path and unmount request solely by the unmount string length, enabling a heap-based buffer overflow read. The description notes the issue can be exploited remot...
CVE-2024-8946
A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mpvfsumount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit...
CVE-2024-8946 MicroPython VFS Unmount vfs.c mp_vfs_umount heap-based overflow
A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mpvfsumount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit...
CVE-2024-8946 MicroPython VFS Unmount vfs.c mp_vfs_umount heap-based overflow
A vulnerability was found in MicroPython 1.23.0. It has been classified as critical. Affected is the function mpvfsumount of the file extmod/vfs.c of the component VFS Unmount Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit...
MicroPython 安全漏洞
MicroPython is a small open source Python programming language interpreter open-sourced by MicroPython. A security vulnerability exists in MicroPython version 1.23.0, which originates in the mpvfsumount function in the VFS Unmount Handler component, which compares a mount path string and an unmou...
PT-2024-39332
Name of the Vulnerable Software and Affected Versions: MicroPython version 1.22.2 Description: A critical issue has been found in the MicroPython objarray component, where resizing and copying a bytes object into itself may reference memory that has already been freed, leading to use after free...
MicroPython 资源管理错误漏洞
MicroPython is a small open source Python programming language interpreter open-sourced by MicroPython. A resource management error vulnerability exists in MicroPython version 1.22.2, which stems from unknown functionality in the py/objarray.c file that leads to reuse after release...
MicroPython 安全漏洞
MicroPython is a small open source Python programming language interpreter open-sourced by MicroPython. A security vulnerability exists in MicroPython version 1.23.0, which originates in the mpzasbytes function in the py/objint.c file, and causes a heap buffer overflow write error when converting...