13 matches found
CVE-2025-48768
Release of Invalid Pointer or Reference vulnerability was discovered in fs/inode/fsinoderemove code of the Apache NuttX RTOS that allowed root filesystem inode removal leading to a debug assert trigger that is disabled by default, NULL pointer dereference handled differently depending on the targ...
CVE-2025-48769
Use After Free vulnerability was discovered in fs/vfs/fsrename code of the Apache NuttX RTOS, that due recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...
EUVD-2026-0010
Use After Free vulnerability was discovered in fs/vfs/fsrename code of the Apache NuttX RTOS, that due recursive implementation and single buffer use by two different pointer variables allowed arbitrary user provided size buffer reallocation and write to the previously freed heap chunk, that in...
CVE-2025-48768 Apache NuttX RTOS: fs/inode: fs_inoderemove root inode removal
Release of Invalid Pointer or Reference vulnerability was discovered in fs/inode/fsinoderemove code of the Apache NuttX RTOS that allowed root filesystem inode removal leading to a debug assert trigger that is disabled by default, NULL pointer dereference handled differently depending on the targ...
PT-2025-54473
Name of the Vulnerable Software and Affected Versions Apache NuttX RTOS versions 10.0.0 through 12.9.9 Description A flaw exists in the fs/inode/fs inoderemove code of the Apache NuttX RTOS that allows root filesystem inode removal. This can lead to a debug assert trigger disabled by default, a...
CVE-2025-47869
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability was discovered in Apache NuttX RTOS apps/exapmles/xmlrpc application. In this example application device stats structure that stored remotely provided parameters had hardcoded buffer size which could lead to...
CVE-2025-47869
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability was discovered in Apache NuttX RTOS apps/exapmles/xmlrpc application. In this example application device stats structure that stored remotely provided parameters had hardcoded buffer size which could lead to...
CVE-2025-47869
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability was discovered in Apache NuttX RTOS apps/exapmles/xmlrpc application. In this example application device stats structure that stored remotely provided parameters had hardcoded buffer size which could lead to...
CVE-2025-47869 Apache NuttX RTOS: examples/xmlrpc: Fix calls buffers size.
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability was discovered in Apache NuttX RTOS apps/exapmles/xmlrpc application. In this example application device stats structure that stored remotely provided parameters had hardcoded buffer size which could lead to...
CVE-2025-47869
CVE-2025-47869 affects Apache NuttX RTOS, specifically the apps/examples/xmlrpc component. A device stats structure stored remotely provided parameters using hardcoded buffers can lead to a buffer overflow. The buffers were corrected to CONFIG_XMLRPC_STRINGSIZE+1 in the release 12.9.0 example, af...
CVE-2025-47868 Apache NuttX RTOS: tools/bdf-converter.: tools/bdf-converter: Fix loop termination condition.
Out-of-bounds Write resulting in possible Heap-based Buffer Overflow vulnerability was discovered in tools/bdf-converter font conversion utility that is part of Apache NuttX RTOS repository. This standalone program is optional and neither part of NuttX RTOS nor Applications runtime, but active...
CVE-2025-47868 Apache NuttX RTOS: tools/bdf-converter.: tools/bdf-converter: Fix loop termination condition.
Out-of-bounds Write resulting in possible Heap-based Buffer Overflow vulnerability was discovered in tools/bdf-converter font conversion utility that is part of Apache NuttX RTOS repository. This standalone program is optional and neither part of NuttX RTOS nor Applications runtime, but active...
PT-2025-25490 · Apache · Apache Nuttx Rtos
Name of the Vulnerable Software and Affected Versions: Apache NuttX RTOS versions 6.22 through 12.9.0 Description: An issue was discovered in the Apache NuttX RTOS apps/examples/xmlrpc application, where a device stats structure stored remotely provided parameters with a hardcoded buffer size,...