CyberSec.Space Logo
Back to CVE Browser

CVE-2021-26461

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0490%
EPSS Percentile39.96th
PublishedJun 21, 2021
Last ModifiedNov 21, 2024

Vulnerability Description

Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.

Affected Platforms (CPE)

📦
Apache

Nuttx

< 10.1.0

References & Advisories

🔗 https://lists.apache.org/thread.html/r806fccf8b003ae812d807c6c7d97950d44ed29b2713418cbe3f2bddd%40%3Cdev.nuttx.apache.org%3E
🔗 https://lists.apache.org/thread.html/r806fccf8b003ae812d807c6c7d97950d44ed29b2713418cbe3f2bddd%40%3Cdev.nuttx.apache.org%3E

Related Vulnerabilities

CVE-2020-19399.8

The Apache NuttX (Incubating) project provides an optional separate "apps" repository which contains various optional components a...

CVE-2020-175299.8

Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows a...

CVE-2020-175289.1

Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows a...

CVE-2018-205787.5

An issue was discovered in NuttX before 7.27. The function netlib_parsehttpurl() in apps/netutils/netlib/netlib_parsehttpurl.c mis...