NXP MQX Versions 5.1 and prior are vulnerable to integer overflow in mem_alloc, _lwmem_alloc and _partition functions. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2022-05-03T20:25:18
Updated: 2024-08-03T18:51:06.698Z
Reserved: 2021-01-05T00:00:00
Link: CVE-2021-22680
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-05-03T21:15:08.043
Modified: 2022-05-11T20:13:21.210
Link: CVE-2021-22680
Redhat
No data.