CVE-2021-27411

Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...

CVE-2021-27427

RIOT OS version 2020.01.1 is vulnerable to integer wrap-around in its implementation of calloc function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

DEBIAN-CVE-2021-27419

uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

CVE-2021-27433

ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function mbedkrbs, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

CVE-2021-27419

uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

CVE-2021-27425

Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mmmalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

CVE-2021-27435

ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in mallocwrapper function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

CVE-2021-27419

uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

CVE-2021-27439

TencentOS-tiny version 3.1.0 is vulnerable to integer wrap-around in function 'tosmmheapalloc incorrect calculation of effective memory allocation size. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code...

CVE-2021-27431

ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around inosRtxMemoryAlloc local malloc equivalent function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or injected code execution...

CVE-2021-27433

ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function mbedkrbs, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

CVE-2021-27433

CVE-2021-27433 affects the ARM mbed-ualloc memory library (version 1.3.0). The root cause is an integer wrap-around in mbed_krbs, which can lead to arbitrary memory allocation and result in crash or remote code injection/execution. Public sources consistently describe this vulnerability and its i...

CVE-2021-27439

TencentOS-tiny 3.1.0 is reported vulnerable to an integer wrap-around in the tos_mmheap_alloc path, causing incorrect calculation of the allocation size and potentially arbitrary memory allocation, crashes, or remote code execution. The Red Hat/RH CVE entry and multiple references confirm the vul...

CVE-2021-27431

CVE-2021-27431 affects ARM CMSIS RTOS2, versions before 2.1.3. The vulnerability is an integer wrap-around in inosRtxMemoryAlloc (local malloc equivalent) which can lead to arbitrary memory allocation and can cause crashes or injected code execution. Affected product is ARM CMSIS RTOS2 prior to 2...

CVE-2021-27435

CVE-2021-27435 affects ARM Mbed OS 6.3.0. It is due to an integer wrap-around in malloc_wrapper, enabling arbitrary memory allocation and potentially causing a crash or remote code execution. Exploitation status is not detailed in the provided documents, and there is no known public exploit per t...

CVE-2021-27425

CVE-2021-27425 affects Cesanta Software Mongoose-OS v2.17.0. The vulnerability is an integer wrap-around in mm_malloc that can cause improper memory assignment and arbitrary memory allocation, leading to a crash or remote code injection/execution. Public references (NVD/Red Hat/CVE list) corrobor...

CVE-2021-27419

The CVE-2021-27419 entry concerns uClibc-ng: versions prior to 1.0.37 are vulnerable to integer wrap-around in malloc-simple, causing improper memory allocation that can trigger crashes or remote code execution. The underlying cause is integer wrap-around in malloc-simple; impact is partial to hi...

CVE-2021-27419

uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

CVE-2021-27411

CVE-2021-27411 affects Micrium OS versions 5.10.1 and earlier. The issue is an integer wrap-around in Mem_DynPoolCreate, Mem_DynPoolCreateHW and Mem_PoolCreate, causing unverified memory assignments that can allocate arbitrary memory sizes (e.g., very small blocks instead of very large blocks). T...

CVE-2021-27427

The CVE-2021-27427 entry concerns RIOT OS 2020.01.1, where an integer wrap-around in calloc can cause arbitrary memory allocation, leading to a crash or remote code execution. Connected sources corroborate the RIOT OS impact and specify the vulnerability as an integer wrap-around in calloc. The R...