Vulnerabilites related to amazon - freertos
cve-2018-16600
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
EPSS score ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:24:32.933Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-18T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-06T22:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-16600", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", refsource: "CONFIRM", url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16600", datePublished: "2018-12-06T23:00:00", dateReserved: "2018-09-06T00:00:00", dateUpdated: "2024-08-05T10:24:32.933Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-32020
Vulnerability from cvelistv5
Published
2021-05-03 21:12
Modified
2024-08-03 23:17
Severity ?
EPSS score ?
Summary
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:17:28.528Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-03T21:12:44", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-32020", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63", refsource: "MISC", url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-32020", datePublished: "2021-05-03T21:12:44", dateReserved: "2021-05-03T00:00:00", dateUpdated: "2024-08-03T23:17:28.528Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16526
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
EPSS score ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:24:32.666Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-18T00:00:00", descriptions: [ { lang: "en", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-06T22:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-16526", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", refsource: "CONFIRM", url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16526", datePublished: "2018-12-06T23:00:00", dateReserved: "2018-09-05T00:00:00", dateUpdated: "2024-08-05T10:24:32.666Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16598
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
EPSS score ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:24:32.998Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-18T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-06T22:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-16598", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", refsource: "CONFIRM", url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16598", datePublished: "2018-12-06T23:00:00", dateReserved: "2018-09-06T00:00:00", dateUpdated: "2024-08-05T10:24:32.998Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16601
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
EPSS score ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:24:32.905Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-18T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-06T22:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-16601", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", refsource: "CONFIRM", url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16601", datePublished: "2018-12-06T23:00:00", dateReserved: "2018-09-06T00:00:00", dateUpdated: "2024-08-05T10:24:32.905Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16523
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
EPSS score ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:24:32.701Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-18T00:00:00", descriptions: [ { lang: "en", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-06T22:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-16523", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", refsource: "CONFIRM", url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16523", datePublished: "2018-12-06T23:00:00", dateReserved: "2018-09-05T00:00:00", dateUpdated: "2024-08-05T10:24:32.701Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16599
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
EPSS score ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:24:33.002Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-18T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-06T22:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-16599", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", refsource: "CONFIRM", url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16599", datePublished: "2018-12-06T23:00:00", dateReserved: "2018-09-06T00:00:00", dateUpdated: "2024-08-05T10:24:33.002Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16524
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
EPSS score ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:24:32.664Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-18T00:00:00", descriptions: [ { lang: "en", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-06T22:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-16524", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", refsource: "CONFIRM", url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16524", datePublished: "2018-12-06T23:00:00", dateReserved: "2018-09-05T00:00:00", dateUpdated: "2024-08-05T10:24:32.664Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-43997
Vulnerability from cvelistv5
Published
2021-11-17 00:00
Modified
2024-08-04 04:10
Severity ?
EPSS score ?
Summary
FreeRTOS versions 10.2.0 through 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions through 10.4.6 do not prevent a third party that has already independently gained the ability to execute injected code to achieve further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with MPU support enabled (i.e. configENABLE_MPU set to 1). These are fixed in V10.5.0 and in V10.4.3-LTS Patch 3.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T04:10:16.905Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-2", }, { tags: [ "x_transferred", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.6", }, { tags: [ "x_transferred", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.5.0", }, { tags: [ "x_transferred", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-3", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "FreeRTOS versions 10.2.0 through 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions through 10.4.6 do not prevent a third party that has already independently gained the ability to execute injected code to achieve further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with MPU support enabled (i.e. configENABLE_MPU set to 1). These are fixed in V10.5.0 and in V10.4.3-LTS Patch 3.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-11T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-2", }, { url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.6", }, { url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.5.0", }, { url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-3", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-43997", datePublished: "2021-11-17T00:00:00", dateReserved: "2021-11-17T00:00:00", dateUpdated: "2024-08-04T04:10:16.905Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31571
Vulnerability from cvelistv5
Published
2021-04-22 17:56
Modified
2024-08-03 23:03
Severity ?
EPSS score ?
Summary
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837 | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:03:33.581Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-03T21:11:47", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-31571", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837", refsource: "MISC", url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-31571", datePublished: "2021-04-22T17:56:24", dateReserved: "2021-04-22T00:00:00", dateUpdated: "2024-08-03T23:03:33.581Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-31572
Vulnerability from cvelistv5
Published
2021-04-22 17:56
Modified
2024-08-03 23:03
Severity ?
EPSS score ?
Summary
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T23:03:33.364Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-05-03T21:12:13", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2021-31572", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b", refsource: "MISC", url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2021-31572", datePublished: "2021-04-22T17:56:35", dateReserved: "2021-04-22T00:00:00", dateUpdated: "2024-08-03T23:03:33.364Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16525
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
EPSS score ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\LLMNR packets in prvParseDNSReply.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:24:32.864Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-18T00:00:00", descriptions: [ { lang: "en", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\\LLMNR packets in prvParseDNSReply.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-06T22:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-16525", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\\LLMNR packets in prvParseDNSReply.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", refsource: "CONFIRM", url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16525", datePublished: "2018-12-06T23:00:00", dateReserved: "2018-09-05T00:00:00", dateUpdated: "2024-08-05T10:24:32.864Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16603
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:32
Severity ?
EPSS score ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:32:52.265Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-18T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-06T22:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-16603", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", refsource: "CONFIRM", url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16603", datePublished: "2018-12-06T23:00:00", dateReserved: "2018-09-06T00:00:00", dateUpdated: "2024-08-05T10:32:52.265Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16602
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:32
Severity ?
EPSS score ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosure.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:32:52.259Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-18T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosure.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-06T22:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-16602", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosure.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", refsource: "CONFIRM", url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16602", datePublished: "2018-12-06T23:00:00", dateReserved: "2018-09-06T00:00:00", dateUpdated: "2024-08-05T10:32:52.259Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-28115
Vulnerability from cvelistv5
Published
2024-03-07 20:54
Modified
2024-08-28 17:42
Severity ?
EPSS score ?
Summary
FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with Memory Protected Unit (MPU) support enabled (i.e. `configENABLE_MPU` set to 1). These issues are fixed in version 10.6.2 with a new MPU wrapper.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r | x_refsource_CONFIRM | |
| https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| FreeRTOS | FreeRTOS-Kernel |
Version: < 10.6.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T00:48:49.237Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r", }, { name: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:o:freertos:freertos-kernel:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "freertos-kernel", vendor: "freertos", versions: [ { lessThan: "10.6.2", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-28115", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-03-08T19:12:30.872230Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-28T17:42:09.830Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "FreeRTOS-Kernel", vendor: "FreeRTOS", versions: [ { status: "affected", version: "< 10.6.2", }, ], }, ], descriptions: [ { lang: "en", value: "FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with Memory Protected Unit (MPU) support enabled (i.e. `configENABLE_MPU` set to 1). These issues are fixed in version 10.6.2 with a new MPU wrapper. ", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-284", description: "CWE-284: Improper Access Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-03-07T20:54:00.743Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r", }, { name: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2", tags: [ "x_refsource_MISC", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2", }, ], source: { advisory: "GHSA-xcv7-v92w-gq6r", discovery: "UNKNOWN", }, title: "Privilege Escalation in FreeRTOS Kernel ARMv7-M MPU ports and ARMv8-M ports with MPU support enabled", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-28115", datePublished: "2024-03-07T20:54:00.743Z", dateReserved: "2024-03-04T14:19:14.059Z", dateUpdated: "2024-08-28T17:42:09.830Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-27504
Vulnerability from cvelistv5
Published
2023-11-21 17:43
Modified
2024-08-03 21:26
Severity ?
EPSS score ?
Summary
Texas Instruments devices running FREERTOS, malloc returns a valid
pointer to a small buffer on extremely large values, which can trigger
an integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in
code execution.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Texas Instruments | CC32XX |
Version: 0 < 4.40.00.07 |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T21:26:09.768Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04", }, { tags: [ "x_transferred", ], url: "https://www.ti.com/tool/TI-RTOS-MCU", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { defaultStatus: "unaffected", product: "CC32XX", vendor: "Texas Instruments", versions: [ { lessThan: "4.40.00.07", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "SimpleLink MSP432E4XX", vendor: "Texas Instruments", versions: [ { status: "affected", version: "all versions", }, ], }, { defaultStatus: "unaffected", product: "SimpleLink-CC13XX", vendor: "Texas Instruments", versions: [ { lessThan: "4.40.00", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "SimpleLink-CC26XX", vendor: "Texas Instruments", versions: [ { lessThan: "4.40.00", status: "affected", version: "0", versionType: "custom", }, ], }, { defaultStatus: "unaffected", product: "SimpleLink-CC32XX", vendor: "Texas Instruments", versions: [ { lessThan: "4.10.03", status: "affected", version: "0", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", user: "00000000-0000-4000-9000-000000000000", value: "David Atch, Omri Ben Bassat, and Tamir Ariel from Microsoft Section 52, and the Azure Defender for IoT research group reported these vulnerabilities to CISA.", }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\n<span style=\"background-color: rgb(255, 255, 255);\">\n\nTexas Instruments devices running FREERTOS, malloc returns a valid \npointer to a small buffer on extremely large values, which can trigger \nan integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in\n code execution.\n\n \n\n </span>\n\n</span>\n\n</span>\n\n</span>", }, ], value: "Texas Instruments devices running FREERTOS, malloc returns a valid \npointer to a small buffer on extremely large values, which can trigger \nan integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in\n code execution.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190: Integer Overflow or Wraparound", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-11-21T17:43:12.120Z", orgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", shortName: "icscert", }, references: [ { url: "https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04", }, { url: "https://www.ti.com/tool/TI-RTOS-MCU", }, ], solutions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "<div>Texas Instruments CC32XX – Update to v4.40.00.07</div><div>Texas Instruments SimpleLink CC13X0 – <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html\">Update to v4.10.03</a></div><div>Texas Instruments SimpleLink CC13X2-CC26X2 – <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html\">Update to v4.40.00</a></div><div>Texas Instruments SimpleLink CC2640R2 – <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html\">Update to v4.40.00</a></div><div>Texas Instruments SimpleLink MSP432E4 – Confirmed. No update currently planned</div>\n\n<br>", }, ], value: "Texas Instruments CC32XX – Update to v4.40.00.07\n\nTexas Instruments SimpleLink CC13X0 – Update to v4.10.03 https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html \n\nTexas Instruments SimpleLink CC13X2-CC26X2 – Update to v4.40.00 https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html \n\nTexas Instruments SimpleLink CC2640R2 – Update to v4.40.00 https://www.ti.com/technologies/security/report-product-security-vulnerabilities.html \n\nTexas Instruments SimpleLink MSP432E4 – Confirmed. No update currently planned", }, ], source: { discovery: "EXTERNAL", }, title: "Texas Instruments FREERTOS Integer Overflow or Wraparound", x_generator: { engine: "Vulnogram 0.1.0-dev", }, }, }, cveMetadata: { assignerOrgId: "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", assignerShortName: "icscert", cveId: "CVE-2021-27504", datePublished: "2023-11-21T17:43:12.120Z", dateReserved: "2021-02-19T17:45:42.346Z", dateUpdated: "2024-08-03T21:26:09.768Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-16527
Vulnerability from cvelistv5
Published
2018-12-06 23:00
Modified
2024-08-05 10:24
Severity ?
EPSS score ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T10:24:32.866Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-10-18T00:00:00", descriptions: [ { lang: "en", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-12-06T22:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { tags: [ "x_refsource_MISC", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-16527", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", refsource: "CONFIRM", url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { name: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", refsource: "MISC", url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-16527", datePublished: "2018-12-06T23:00:00", dateReserved: "2018-09-05T00:00:00", dateUpdated: "2024-08-05T10:24:32.866Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2024-03-07 21:15
Modified
2024-11-21 09:05
Severity ?
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with Memory Protected Unit (MPU) support enabled (i.e. `configENABLE_MPU` set to 1). These issues are fixed in version 10.6.2 with a new MPU wrapper.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-advisories@github.com | https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2 | Release Notes | |
| security-advisories@github.com | https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r | Technical Description, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2 | Release Notes | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r | Technical Description, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "5BA95DB2-A48A-46A8-B589-F17236ECB4AC", versionEndExcluding: "10.6.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with Memory Protected Unit (MPU) support enabled (i.e. `configENABLE_MPU` set to 1). These issues are fixed in version 10.6.2 with a new MPU wrapper. ", }, { lang: "es", value: "FreeRTOS es un sistema operativo en tiempo real para microcontroladores. Las versiones del kernel de FreeRTOS hasta la 10.6.1 no protegen suficientemente contra la escalada de privilegios locales a través de técnicas de programación orientada al retorno en caso de que exista una vulnerabilidad que permita la inyección y ejecución de código. Estos problemas afectan a los puertos MPU ARMv7-M y a los puertos ARMv8-M con soporte de unidad protegida de memoria (MPU) habilitado (es decir, `configENABLE_MPU` establecido en 1). Estos problemas se solucionan en la versión 10.6.2 con un nuevo contenedor MPU.", }, ], id: "CVE-2024-28115", lastModified: "2024-11-21T09:05:50.867", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2, impactScore: 6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-03-07T21:15:08.567", references: [ { source: "security-advisories@github.com", tags: [ "Release Notes", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2", }, { source: "security-advisories@github.com", tags: [ "Technical Description", "Vendor Advisory", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.6.2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Technical Description", "Vendor Advisory", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/security/advisories/GHSA-xcv7-v92w-gq6r", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-284", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:53
Severity ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1", versionEndIncluding: "1.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C", versionEndIncluding: "10.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker.", }, { lang: "es", value: "Se ha descubierto un problema en Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect. El acceso fuera de límites a los campos de los puertos de origen y destino TCP en xProcessReceivedTCPPacket puede filtrar datos a un atacante.", }, ], id: "CVE-2018-16603", lastModified: "2024-11-21T03:53:02.593", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-06T23:29:01.220", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-11-21 18:15
Modified
2024-11-21 05:58
Severity ?
7.4 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Texas Instruments devices running FREERTOS, malloc returns a valid
pointer to a small buffer on extremely large values, which can trigger
an integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in
code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 | Third Party Advisory, US Government Resource | |
| ics-cert@hq.dhs.gov | https://www.ti.com/tool/TI-RTOS-MCU | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ti.com/tool/TI-RTOS-MCU | Product |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | freertos | 10.4.1 | |
| ti | simplelink_cc13xx_software_development_kit | * | |
| ti | simplelink_cc26xx_software_development_kit | * | |
| ti | simplelink_cc32xx_software_development_kit | * | |
| ti | simplelink_msp432e401y | - | |
| ti | simplelink_msp432e411y | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:amazon:freertos:10.4.1:*:*:*:*:*:*:*", matchCriteriaId: "F471FD19-638D-46A4-A68D-C4BDA7FA26EE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ti:simplelink_cc13xx_software_development_kit:*:*:*:*:*:*:*:*", matchCriteriaId: "97B4CA27-1024-4347-8C0B-A8848950CB5B", versionEndExcluding: "4.40.00", vulnerable: true, }, { criteria: "cpe:2.3:a:ti:simplelink_cc26xx_software_development_kit:*:*:*:*:*:*:*:*", matchCriteriaId: "BCC0C102-7DCB-4959-91C6-ECA8429BB1A2", versionEndExcluding: "4.40.00", vulnerable: true, }, { criteria: "cpe:2.3:a:ti:simplelink_cc32xx_software_development_kit:*:*:*:*:*:*:*:*", matchCriteriaId: "61CF4AB1-347E-42F9-89FB-350445ED7E70", versionEndExcluding: "4.10.03", vulnerable: true, }, { criteria: "cpe:2.3:a:ti:simplelink_msp432e401y:-:*:*:*:*:*:*:*", matchCriteriaId: "538BC9EE-7C51-41CC-9A58-5FEB3261EF7C", vulnerable: true, }, { criteria: "cpe:2.3:a:ti:simplelink_msp432e411y:-:*:*:*:*:*:*:*", matchCriteriaId: "EC7C493D-DAC1-4FBD-A056-C9D5CF98F9E0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Texas Instruments devices running FREERTOS, malloc returns a valid \npointer to a small buffer on extremely large values, which can trigger \nan integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in\n code execution.", }, { lang: "es", value: "En los dispositivos de Texas Instruments que ejecutan FREERTOS, malloc devuelve un puntero válido a un pequeño búfer en valores extremadamente grandes, lo que puede desencadenar una vulnerabilidad de desbordamiento de enteros en 'malloc' para FreeRTOS, lo que resulta en la ejecución de código.", }, ], id: "CVE-2021-27504", lastModified: "2024-11-21T05:58:07.470", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.4, impactScore: 5.9, source: "ics-cert@hq.dhs.gov", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-11-21T18:15:07.713", references: [ { source: "ics-cert@hq.dhs.gov", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04", }, { source: "ics-cert@hq.dhs.gov", tags: [ "Product", ], url: "https://www.ti.com/tool/TI-RTOS-MCU", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://www.ti.com/tool/TI-RTOS-MCU", }, ], sourceIdentifier: "ics-cert@hq.dhs.gov", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "ics-cert@hq.dhs.gov", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:52
Severity ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1", versionEndIncluding: "1.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C", versionEndIncluding: "10.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow division by zero in prvCheckOptions.", }, { lang: "es", value: "Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect permiten la división entre cero en prvCheckOptions.", }, ], id: "CVE-2018-16523", lastModified: "2024-11-21T03:52:54.597", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-06T23:29:00.313", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-369", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:52
Severity ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1", versionEndIncluding: "1.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C", versionEndIncluding: "10.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket.", }, { lang: "es", value: "Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect permiten que atacantes remotos filtren información o ejecuten código arbitrario debido a un desbordamiento de búfer durante la generación de una suma de verificación del protocolo en usGenerateProtocolChecksum y prvProcessIPPacket.", }, ], id: "CVE-2018-16526", lastModified: "2024-11-21T03:52:55.050", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-06T23:29:00.580", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:53
Severity ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1", versionEndIncluding: "1.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C", versionEndIncluding: "10.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.", }, { lang: "es", value: "Se ha descubierto un problema en Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect. Una cabecera IP manipulada desencadena la copia de un espacio de memoria completo en prvProcessIPPacket, lo que conduce a una denegación de servicio (DoS) y a la posible ejecución de código", }, ], id: "CVE-2018-16601", lastModified: "2024-11-21T03:53:02.270", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-06T23:29:01.033", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-191", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-11-17 21:15
Modified
2024-11-21 06:30
Severity ?
Summary
FreeRTOS versions 10.2.0 through 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions through 10.4.6 do not prevent a third party that has already independently gained the ability to execute injected code to achieve further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with MPU support enabled (i.e. configENABLE_MPU set to 1). These are fixed in V10.5.0 and in V10.4.3-LTS Patch 3.
References
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:amazon:freertos:*:*:*:*:-:*:*:*", matchCriteriaId: "4FB285CB-30B9-4537-9AC8-7C0BF1643D05", versionEndExcluding: "10.4.6", versionStartIncluding: "10.2.0", vulnerable: true, }, { criteria: "cpe:2.3:o:amazon:freertos:10.4.3:patch1:*:*:lts:*:*:*", matchCriteriaId: "95529D7D-3DBE-4227-811F-BBE6F0281CFE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "FreeRTOS versions 10.2.0 through 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions through 10.4.6 do not prevent a third party that has already independently gained the ability to execute injected code to achieve further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with MPU support enabled (i.e. configENABLE_MPU set to 1). These are fixed in V10.5.0 and in V10.4.3-LTS Patch 3.", }, { lang: "es", value: "Las versiones de FreeRTOS versiones10.2.0 hasta la 10.4.5 no evitan que el código que no es del núcleo llame a la función interna xPortRaisePrivilege para elevar el privilegio. Las versiones de FreeRTOS hasta la 10.4.6 no impiden que un tercero que ya haya obtenido de forma independiente la capacidad de ejecutar código inyectado consiga una mayor elevación de privilegios bifurcándose directamente dentro de una función envolvente de la API de FreeRTOS MPU con un marco de pila manipulado manualmente. Estos problemas afectan a los puertos ARMv7-M MPU, y a los puertos ARMv8-M con soporte MPU habilitado (es decir, configENABLE_MPU establecido en 1). Estos problemas se han solucionado en V10.5.0 y en V10.4.3-LTS Parche 3.", }, ], id: "CVE-2021-43997", lastModified: "2024-11-21T06:30:10.423", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.2, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-11-17T21:15:07.780", references: [ { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-2", }, { source: "cve@mitre.org", url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-3", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.6", }, { source: "cve@mitre.org", url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.5.0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.3-LTS-Patch-3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.4.6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/releases/tag/V10.5.0", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:53
Severity ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1", versionEndIncluding: "1.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C", versionEndIncluding: "10.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure.", }, { lang: "es", value: "Se ha descubierto un problema en Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect. El acceso fuera de límites a la memoria durante el análisis de paquetes NBNS en prvTreatNBNS se puede emplear para divulgar información.", }, ], id: "CVE-2018-16599", lastModified: "2024-11-21T03:53:01.957", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-06T23:29:00.893", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:53
Severity ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1", versionEndIncluding: "1.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C", versionEndIncluding: "10.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosure.", }, { lang: "es", value: "Se ha descubierto un problema en Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect. El acceso fuera de límites a la memoria durante el análisis de respuestas DHCP en prvProcessDHCPReplies se puede emplear para divulgar información.", }, ], id: "CVE-2018-16602", lastModified: "2024-11-21T03:53:02.420", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-06T23:29:01.127", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:53
Severity ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1", versionEndIncluding: "1.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C", versionEndIncluding: "10.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure.", }, { lang: "es", value: "Se ha descubierto un problema en Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect. El acceso fuera de límites a la memoria durante el análisis de paquetes ARP en eARPProcessPacket se puede emplear para divulgar información.", }, ], id: "CVE-2018-16600", lastModified: "2024-11-21T03:53:02.113", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-06T23:29:00.957", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:53
Severity ?
Summary
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Patch, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1", versionEndIncluding: "1.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C", versionEndIncluding: "10.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request.", }, { lang: "es", value: "Se ha descubierto un problema en Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect. En xProcessReceivedUDPPacket y prvParseDNSReply, se acepta cualquier respuesta DNS recibida sin confirmar que coincide con la petición DNS enviada.", }, ], id: "CVE-2018-16598", lastModified: "2024-11-21T03:53:01.807", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-06T23:29:00.813", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-441", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-22 18:15
Modified
2024-11-21 06:05
Severity ?
Summary
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b | Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "6F5312AF-71BB-4289-BAB4-CE5931098CCD", versionEndExcluding: "10.4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in stream_buffer.c for a stream buffer.", }, { lang: "es", value: "El kernel en Amazon Web Services FreeRTOS versiones anteriores a 10.4.3, presenta un desbordamiento de enteros en el archivo stream_buffer.c para un búfer de flujo", }, ], id: "CVE-2021-31572", lastModified: "2024-11-21T06:05:55.653", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-22T18:15:08.547", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/d05b9c123f2bf9090bce386a244fc934ae44db5b", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:52
Severity ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1", versionEndIncluding: "1.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C", versionEndIncluding: "10.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of TCP options in prvCheckOptions.", }, { lang: "es", value: "Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect permiten la divulgación de información durante el análisis de opciones TCP en prvCheckOptions.", }, ], id: "CVE-2018-16524", lastModified: "2024-11-21T03:52:54.753", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-06T23:29:00.423", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:52
Severity ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1", versionEndIncluding: "1.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C", versionEndIncluding: "10.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow information disclosure during parsing of ICMP packets in prvProcessICMPPacket.", }, { lang: "es", value: "Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect permiten la divulgación de información durante el análisis de los paquetes ICMP en prvProcessICMPPacket.", }, ], id: "CVE-2018-16527", lastModified: "2024-11-21T03:52:55.223", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-06T23:29:00.657", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-04-22 18:15
Modified
2024-11-21 06:05
Severity ?
Summary
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837 | Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "6F5312AF-71BB-4289-BAB4-CE5931098CCD", versionEndExcluding: "10.4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has an integer overflow in queue.c for queue creation.", }, { lang: "es", value: "El kernel en Amazon Web Services FreeRTOS versiones anteriores a 10.4.3, presenta un desbordamiento de enteros en el archivo queue.c para una creación de cola", }, ], id: "CVE-2021-31571", lastModified: "2024-11-21T06:05:55.500", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-04-22T18:15:08.520", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/47338393f1f79558f6144213409f09f81d7c4837", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-12-06 23:29
Modified
2024-11-21 03:52
Severity ?
Summary
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\LLMNR packets in prvParseDNSReply.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| cve@mitre.org | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md | Release Notes, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| amazon | amazon_web_services_freertos | * | |
| amazon | freertos | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:amazon:amazon_web_services_freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "7EADBC4B-05C5-4588-B0D8-DDAF318DFEB1", versionEndIncluding: "1.3.1", vulnerable: true, }, { criteria: "cpe:2.3:a:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "8A645BC4-5A25-47D4-BBA3-BA199C48FE3C", versionEndIncluding: "10.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\\LLMNR packets in prvParseDNSReply.", }, { lang: "es", value: "Amazon Web Services (AWS) FreeRTOS hasta la versión 1.3.1, FreeRTOS hasta V10.0.1 (con FreeRTOS+TCP) y el componente middleware TCP/IP WITTENSTEIN WHIS Connect permiten que atacantes remotos ejecuten código arbitrario o filtren información debido a un desbordamiento de búfer durante el análisis de los paquetes DNS\\LLMNR en prvParseDNSReply.", }, ], id: "CVE-2018-16525", lastModified: "2024-11-21T03:52:54.900", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-12-06T23:29:00.503", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-details/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://blog.zimperium.com/freertos-tcpip-stack-vulnerabilities-put-wide-range-devices-risk-compromise-smart-homes-critical-infrastructure-systems/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Third Party Advisory", ], url: "https://github.com/aws/amazon-freertos/blob/v1.3.2/CHANGELOG.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-05-03 22:15
Modified
2024-11-21 06:06
Severity ?
Summary
The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63 | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63 | Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:amazon:freertos:*:*:*:*:*:*:*:*", matchCriteriaId: "6F5312AF-71BB-4289-BAB4-CE5931098CCD", versionEndExcluding: "10.4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insufficient bounds checking during management of heap memory.", }, { lang: "es", value: "El kernel en Amazon Web Services FreeRTOS versiones anteriores a 10.4.3, presenta una comprobación insuficiente de límites durante la administración de la memoria de la pila", }, ], id: "CVE-2021-32020", lastModified: "2024-11-21T06:06:43.763", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-05-03T22:15:08.697", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/FreeRTOS/FreeRTOS-Kernel/commit/c7a9a01c94987082b223d3e59969ede64363da63", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }