4 matches found
CVE-2021-26706
An issue was discovered in libmem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: MemPoolCreate, MemDynPoolCreate, and MemDynPoolCreateHW. Because these functions...
Integer overflow
An issue was discovered in libmem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: MemPoolCreate, MemDynPoolCreate, and MemDynPoolCreateHW. Because these functions...
CVE-2021-26706
An issue was discovered in libmem.c in Micrium uC/OS uC/LIB 1.38.x and 1.39.00. The following memory allocation functions do not check for integer overflow when allocating a pool whose size exceeds the address space: MemPoolCreate, MemDynPoolCreate, and MemDynPoolCreateHW. Because these functions...
CVE-2021-26706
The CVE-2021-26706 issue affects Micrium uC/OS uC/LIB 1.38.x and 1.39.00, where Mem_PoolCreate, Mem_DynPoolCreate, and Mem_DynPoolCreateHW can overflow when pool sizes exceed address space due to multiplication in size calculations. This can yield a smaller-than-expected memory pool and may be ex...