4 matches found
CVE-2024-28115
CVE-2024-28115 concerns FreeRTOS Kernel versions through 10.6.1, where local privilege escalation is possible via Return Oriented Programming if code injection/execution is possible. Affected are ARMv7-M MPU ports and ARMv8-M ports with MPU support enabled (configENABLE_MPU=1). The issue is fixed...
CVE-2021-32020
CVE-2021-32020 affects the kernel of Amazon Web Services FreeRTOS prior to 10.4.3, where insufficient bounds checking during heap memory management is the root cause. The issue is exploitable over a network with low attack complexity and no authentication, and it carries high potential impact to ...
CVE-2021-31572
CVE-2021-31572 affects Amazon FreeRTOS kernel prior to 10.4.3. The issue is an integer overflow in stream_buffer.c within the stream buffer code, which can lead to memory-related issues on affected devices. The vulnerability has a high severity (CVSS v3.1 base score 9.8, network attack, no user i...
CVE-2021-31571
CVE-2021-31571 affects Amazon FreeRTOS prior to 10.4.3, where an integer overflow in queue.c during queue creation can lead to memory corruption. Red Hat and CNVD entries corroborate the same vulnerability in AWS FreeRTOS. The issue is rooted in queue creation logic; the impact is memory corrupti...