Description
TinyOS versions up to and including 2.1.2 contain a stack-based buffer overflow vulnerability in the mcp2200gpio utility. The vulnerability is caused by unsafe use of strcpy() and strcat() functions when constructing device paths during automatic device discovery. A local attacker can exploit this by creating specially crafted filenames under /dev/usb/, leading to stack memory corruption and application crashes.
Published: 2026-01-12
Score: 4.8 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service via stack buffer overflow
Action: Patch Now
AI Analysis

Impact

A stack-based buffer overflow in TinyOS 2.1.2 and earlier arises from unsafe use of strcpy() and strcat() when constructing device paths during automatic discovery. A local attacker who can create specially crafted filenames under /dev/usb/ can trigger stack memory corruption, leading to application crashes. The weakness is a classic stack-based buffer overflow (CWE-121).
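The unbounded strcpy()/strcat() path construction the advisory describes, beside a bounded alternative, as an added illustration in C that is not TinyOS's or mcp2200gpio's own code; the 64-byte buffer size, the function names and the sample entry names are constructed for this example.

```c
#include <stdio.h>
#include <string.h>
#define DEV_PATH_MAX 64   /* constructed: size of the fixed stack buffer */
/* Vulnerable shape named in the advisory (illustrative, not TinyOS code): the entry
 * name is appended with no bound, so an over-long name under /dev/usb/ runs past out[]. */
void build_dev_path_unsafe(char *out, const char *dir, const char *name)
{
    strcpy(out, dir);   /* no bound */
    strcat(out, name);  /* overflows when strlen(dir) + strlen(name) >= buffer size */
}

/* Hardened builder: snprintf is bounded by outsz and truncation is treated as an error,
 * so a clipped path is never used. Names containing '/' are rejected outright.
 * Returns 0 on success, -1 when the entry must be skipped. */
int build_dev_path_safe(char *out, size_t outsz, const char *dir, const char *name)
{
    if (outsz == 0 || name == NULL || name[0] == '\0' || strchr(name, '/') != NULL)
        return -1;
    int n = snprintf(out, outsz, "%s%s", dir, name);
    if (n < 0 || (size_t)n >= outsz) {
        out[0] = '\0';  /* do not leave a truncated path behind */
        return -1;
    }
    return 0;
}

/* Constructed sample entries: an ordinary node, a 64-character name that cannot
 * fit alongside "/dev/usb/" in DEV_PATH_MAX bytes, and a name with a separator. */
static const char *SAMPLE_NAMES[] = {
    "hiddev0",
    "AAAAAAAA" "AAAAAAAA" "AAAAAAAA" "AAAAAAAA" "AAAAAAAA" "AAAAAAAA" "AAAAAAAA" "AAAAAAAA",
    "../hiddev0",
};
#define SAMPLE_COUNT (sizeof SAMPLE_NAMES / sizeof SAMPLE_NAMES[0])
/* Discovery loop over the entries with a fixed stack buffer; returns how many were usable. */
int count_usable_entries(const char **names, size_t n)
{
    char path[DEV_PATH_MAX];
    int usable = 0;
    for (size_t i = 0; i < n; i++)
        if (build_dev_path_safe(path, sizeof path, "/dev/usb/", names[i]) == 0)
            usable++;
    return usable;
}

int main(void)
{
    printf("usable entries: %d of %zu\n", count_usable_entries(SAMPLE_NAMES, SAMPLE_COUNT), SAMPLE_COUNT);
    return 0;
}
```

Only the first sample entry yields a path; the over-long and separator-bearing names are skipped instead of corrupting the stack.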

Affected Systems

The affected product is TinyOS, specifically all releases up to and including 2.1.2. Devices running these versions that perform automatic device discovery and allow writing under /dev/usb/ could be affected.

Risk and Exploitability

The CVSS score of 4.8 indicates moderate severity. EPSS indicates a very low probability of exploitation (<1%). The vulnerability is not listed in CISA’s Known Exploited Vulnerabilities catalog. Exploitation requires local file system access, so the attack vector is local (the attacker must be able to create files under /dev/usb/). The impact is denial of service due to stack memory corruption and application crashes.

Generated by OpenCVE AI on April 18, 2026 at 16:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade TinyOS to a version later than 2.1.2 to remove the unsafe string operations in mcp2200gpio.
  • If an upgrade is not feasible, restrict write permissions to /dev/usb/ so that only trusted users can create device path files.
  • Disable automatic device discovery in mcp2200gpio or configure it to ignore /dev/usb/ directories to prevent the overflow from being triggered.

Advisories

No advisories yet.

History

Tue, 13 Jan 2026 19:15:00 +0000

Type    | Values Removed | Values Added
Metrics |                | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 13 Jan 2026 09:30:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Tinyos; Tinyos tinyos
Vendors & Products  |                | Tinyos; Tinyos tinyos

Mon, 12 Jan 2026 23:15:00 +0000

Type        | Values Removed | Values Added
Description |                | TinyOS versions up to and including 2.1.2 contain a stack-based buffer overflow vulnerability in the mcp2200gpio utility. The vulnerability is caused by unsafe use of strcpy() and strcat() functions when constructing device paths during automatic device discovery. A local attacker can exploit this by creating specially crafted filenames under /dev/usb/, leading to stack memory corruption and application crashes.
Title       |                | TinyOS <= 2.1.2 Stack-Based Buffer Overflow in mcp2200gpio
Weaknesses  |                | CWE-121
References  |                |
Metrics     |                | cvssV4_0 {'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-01-13T19:06:27.766Z

Reserved: 2026-01-06T16:47:17.187Z

Link: CVE-2026-22212

Vulnrichment

Updated: 2026-01-13T19:06:23.122Z

NVD

Status: Deferred

Published: 2026-01-12T23:15:52.140

Modified: 2026-06-17T10:19:33.600

Link: CVE-2026-22212

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T16:30:05Z

Weaknesses
  • CWE-121: Stack-based Buffer Overflow