Podatność CVE-2024-2452


Publikacja: 2024-03-26

Opis:
In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control
parameters of __portable_aligned_alloc() could cause an integer
wrap-around and an allocation smaller than expected. This could cause
subsequent heap buffer overflows.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
High
Eclipse ThreadX Buffer Overflows
Marco Ivaldi
29.05.2024

Typ:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

 Referencje:
https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-h963-7vhw-8rpx

Copyright 2024, cxsecurity.com

 

Back to Top