4 matches found
CVE-2019-12261
CVE-2019-12261 is a Wind River VxWorks IPNet TCP vulnerability (6.7–6.9 and vx7) with a Buffer Overflow in the TCP component caused by TCP Urgent Pointer state confusion during connect() to a remote host. The connected documents identify the affected platform, the issue type, and the root cause, ...
CVE-2019-12260
CVE-2019-12260 affects Wind River VxWorks 6.9 and vx7, in the IPNet TCP stack. The issue is a buffer overflow in the TCP component caused by a malformed TCP AO option leading to a TCP Urgent Pointer state confusion. Public sources describe potential for remote code execution or crashes via crafte...
CVE-2020-28895
CVE-2020-28895 affects Wind River VxWorks: the memory allocator can overflow when calculating the size for calloc(), causing the allocated memory to be smaller than the requested buffer and leading to memory corruption. The vulnerability is documented across multiple sources (e.g., Wind River adv...
CVE-2020-35198
CVE-2020-35198 affects Wind River VxWorks 7. The vulnerability is caused by an integer overflow in the memory allocator when calculating a memory block size for calloc(), resulting in the allocated memory being smaller than the requested buffer and causing memory corruption. Public documents in c...