Omri Ben Bassat

**Name of the Vulnerable Software and Affected Versions** bhyve (affected versions not specified) **Description** A bug in the state machine implementation of the fwctl driver can result in a buffer overflowing when a guest VM copies a string into a buffer in the bhyve process' memory. This can be exploited by malicious, privileged software running in a guest VM to achieve code execution on the host in the bhyve userspace process, which typically runs as root. The risk is mitigated by the capabilities assigned through the Capsicum sandbox available to the bhyve process. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MediaTek LinkIt SDK versions prior to 4.6.1 **Description** The issue is related to a possible memory corruption due to an integer overflow during mishandled memory allocation by `pvPortCalloc` and `pvPortRealloc`. This can lead to potential security risks. **Recommendations** For versions prior to 4.6.1, update to version 4.6.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of `pvPortCalloc` and `pvPortRealloc` functions until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Texas Instruments SimpleLink Wi-Fi versions prior to MSP432E4 SDK: v4.20.00.12 Texas Instruments SimpleLink Wi-Fi CC32XX SDK versions prior to v4.30.00.06 Texas Instruments SimpleLink Wi-Fi CC13X0 SDK versions prior to v4.10.03 Texas Instruments SimpleLink Wi-Fi CC13X2 and CC26XX SDK versions prior to v4.40.00 Texas Instruments SimpleLink Wi-Fi CC3200 SDK versions prior to v1.5.0 Texas Instruments SimpleLink Wi-Fi CC3100 SDK versions prior to v1.3.0 **Description** The issue arises from an integer overflow when parsing malformed over-the-air firmware update files, potentially allowing remote code execution. **Recommendations** For MSP432E4 SDK versions prior to v4.20.00.12, update to a version later than v4.20.00.12 to resolve the issue. For CC32XX SDK versions prior to v4.30.00.06, update to a version later than v4.30.00.06 to resolve the issue. For CC13X0 SDK versions prior to v4.10.03, update to a version later than v4.10.03 to resolve the issue. For CC13X2 and CC26XX SDK versions prior to v4.40.00, update to a version later than v4.40.00 to resolve the issue. For CC3200 SDK versions prior to v1.5.0, update to a version later than v1.5.0 to resolve the issue. For CC3100 SDK versions prior to v1.3.0, update to a version later than v1.3.0 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** SimpleLink Wi-Fi (MSP432E4 SDK) versions v4.20.00.12 and prior SimpleLink Wi-Fi (CC32XX SDK) versions v4.30.00.06 and prior SimpleLink Wi-Fi (CC13X0 SDK) versions prior to v4.10.03 SimpleLink Wi-Fi (CC13X2 and CC26XX SDK) versions prior to v4.40.00 SimpleLink Wi-Fi (CC3200 SDK) versions v1.5.0 and prior SimpleLink Wi-Fi (CC3100 SDK) versions v1.3.0 and prior **Description** The issue arises from multiple integer overflow problems when handling long domain names, potentially allowing remote code execution. **Recommendations** For MSP432E4 SDK versions v4.20.00.12 and prior, update to a version later than v4.20.00.12. For CC32XX SDK versions v4.30.00.06 and prior, update to a version later than v4.30.00.06. For CC13X0 SDK versions prior to v4.10.03, update to version v4.10.03 or later. For CC13X2 and CC26XX SDK versions prior to v4.40.00, update to version v4.40.00 or later. For CC3200 SDK versions v1.5.0 and prior, update to a version later than v1.5.0. For CC3100 SDK versions v1.3.0 and prior, update to a version later than v1.3.0.

**Name of the Vulnerable Software and Affected Versions** SimpleLink Wi-Fi (MSP432E4 SDK) versions v4.20.00.12 and prior SimpleLink Wi-Fi (CC32XX SDK) versions v4.30.00.06 and prior SimpleLink Wi-Fi (CC13X0 SDK) versions prior to v4.10.03 SimpleLink Wi-Fi (CC13X2 and CC26XX SDK) versions prior to v4.40.00 SimpleLink Wi-Fi (CC3200 SDK) versions v1.5.0 and prior SimpleLink Wi-Fi (CC3100 SDK) versions v1.3.0 and prior **Description** The issue is related to an integer overflow that occurs while processing HTTP headers. This may allow an attacker to remotely execute code. **Recommendations** For MSP432E4 SDK versions v4.20.00.12 and prior, update to a version later than v4.20.00.12. For CC32XX SDK versions v4.30.00.06 and prior, update to a version later than v4.30.00.06. For CC13X0 SDK versions prior to v4.10.03, update to version v4.10.03 or later. For CC13X2 and CC26XX SDK versions prior to v4.40.00, update to version v4.40.00 or later. For CC3200 SDK versions v1.5.0 and prior, update to a version later than v1.5.0. For CC3100 SDK versions v1.3.0 and prior, update to a version later than v1.3.0.

**Name of the Vulnerable Software and Affected Versions** SimpleLink Wi-Fi versions prior to MSP432E4 SDK: v4.20.00.12 SimpleLink Wi-Fi versions prior to CC32XX SDK: v4.30.00.06 SimpleLink Wi-Fi versions prior to CC13X0 SDK: v4.10.03 SimpleLink Wi-Fi versions prior to CC13X2 and CC26XX SDK: v4.40.00 SimpleLink Wi-Fi versions prior to CC3200 SDK: v1.5.0 SimpleLink Wi-Fi versions prior to CC3100 SDK: v1.3.0 **Description** An integer overflow exists in the APIs of the host MCU while trying to connect to a WIFI network, which may lead to issues such as a denial-of-service condition or code execution. **Recommendations** For versions prior to MSP432E4 SDK: v4.20.00.12, update to a version newer than v4.20.00.12. For versions prior to CC32XX SDK: v4.30.00.06, update to a version newer than v4.30.00.06. For versions prior to CC13X0 SDK: v4.10.03, update to a version newer than v4.10.03. For versions prior to CC13X2 and CC26XX SDK: v4.40.00, update to a version newer than v4.40.00. For versions prior to CC3200 SDK: v1.5.0, update to a version newer than v1.5.0. For versions prior to CC3100 SDK: v1.3.0, update to a version newer than v1.3.0.

**Name of the Vulnerable Software and Affected Versions** Texas Instruments SimpleLink Wi-Fi versions prior to MSP432E4 SDK: v4.20.00.12 Texas Instruments SimpleLink Wi-Fi versions prior to CC32XX SDK v4.30.00.06 Texas Instruments SimpleLink Wi-Fi versions prior to CC13X0 SDK v4.10.03 Texas Instruments SimpleLink Wi-Fi versions prior to CC13X2 and CC26XX SDK v4.40.00 Texas Instruments SimpleLink Wi-Fi versions prior to CC3200 SDK v1.5.0 Texas Instruments SimpleLink Wi-Fi versions prior to CC3100 SDK v1.3.0 **Description** The issue is related to a stack-based buffer overflow that occurs when processing over-the-air firmware updates from the CDN server. This may allow an attacker to remotely execute code. **Recommendations** For versions prior to MSP432E4 SDK: v4.20.00.12, update to a version newer than v4.20.00.12. For versions prior to CC32XX SDK v4.30.00.06, update to a version newer than v4.30.00.06. For versions prior to CC13X0 SDK v4.10.03, update to a version newer than v4.10.03. For versions prior to CC13X2 and CC26XX SDK v4.40.00, update to a version newer than v4.40.00. For versions prior to CC3200 SDK v1.5.0, update to a version newer than v1.5.0. For versions prior to CC3100 SDK v1.3.0, update to a version newer than v1.3.0.