Description
Use After Free vulnerability in No-Chicken Echo-Mate (‎SDK/rv1106-sdk/sysdrv/source/kernel/mm modules). This vulnerability is associated with program files rmap.C‎.

This issue affects Echo-Mate: before V250329.
Published: 2026-03-24
Score: 7.3 High
EPSS: < 1% Very Low
KEV: No
Impact: Use‑after‑free memory corruption
Action: Apply patch
AI Analysis

Impact

A use‑after‑free defect exists in the kernel memory management modules of the No‑Chicken Echo‑Mate SDK, affecting the program files rmap.C. The flaw enables access to memory that has already been freed, which can lead to unexpected data manipulation or system instability.

Affected Systems

The vulnerability applies to Echo‑Mate firmware versions earlier than V250329. All installations that include the affected kernel modules are impacted.

Risk and Exploitability

The CVSS score of 7.3 indicates a high severity risk. No EPSS data or KEV listing is available, so the likelihood of proactive exploitation is unclear. The flaw resides in a kernel component, suggesting a local exploitation path; however, if the device is exposed to external networks, remote exploitation could be possible depending on additional access conditions.

Generated by OpenCVE AI on March 24, 2026 at 04:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Echo‑Mate firmware to version V250329 or later to apply the patch for the corrupted memory modules.
  • If an upgrade cannot be performed immediately, consider disabling or removing the affected kernel module associated with rmap.C to limit the exploitation surface.
  • Monitor device logs and network traffic for anomalous behavior that may indicate an attempt to leverage the use‑after‑free flaw, and reinforce access controls or network segmentation as defensive measures.

Generated by OpenCVE AI on March 24, 2026 at 04:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 24 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 24 Mar 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared No-chicken
No-chicken echo-mate
Vendors & Products No-chicken
No-chicken echo-mate

Tue, 24 Mar 2026 03:30:00 +0000

Type Values Removed Values Added
Description Use After Free vulnerability in No-Chicken Echo-Mate (‎SDK/rv1106-sdk/sysdrv/source/kernel/mm modules). This vulnerability is associated with program files rmap.C‎. This issue affects Echo-Mate: before V250329.
Title Use-After-Free Vulnerability in No-Chicken/Echo-Mate
Weaknesses CWE-416
References
Metrics cvssV4_0

{'score': 7.3, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/S:N/AU:N/R:U/V:D/RE:L/U:Amber'}

Subscriptions

No-chicken Echo-mate
cve-icon MITRE

Status: PUBLISHED

Assigner: GovTech CSG

Published:

Updated: 2026-03-24T14:35:46.646Z

Reserved: 2026-03-24T03:15:54.004Z

Link: CVE-2026-4737

cve-icon Vulnrichment

Updated: 2026-03-24T14:35:43.078Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-24T04:17:27.913

Modified: 2026-03-24T15:53:48.067

Link: CVE-2026-4737

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T20:40:20Z

Weaknesses