2 matches found
CVE-2022-29246
Azure RTOS USBX DFU UPLOAD vulnerability (CVE-2022-29246) allows a potential buffer overflow prior to version 6.1.11. If a DFU UPLOAD request carries a wLength greater than UX_SLAVE_REQUEST_CONTROL_MAX_LENGTH (256 bytes), the code path in ux_device_class_dfu_read may copy data into a 256-byte buf...
CVE-2022-29246 Potential buffer overflow in function DFU upload in Azure RTOS USBX
Azure RTOS USBX is a USB host, device, and on-the-go OTG embedded stack. Prior to version 6.1.11, he USBX DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this may allow an attacker to bypass security features o...