PT-2021-4041 · Freertos · Freertos

Published

2021-04-22

Updated

2021-06-02

CVE-2021-31572

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions FreeRTOS versions prior to 10.4.3

Description The issue is related to an integer overflow in the stream buffer.c component of the FreeRTOS kernel, which can be exploited by a remote attacker to execute arbitrary code. This is a result of a flaw in the stream buffer handling mechanism.

Recommendations For versions prior to 10.4.3, update to version 10.4.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the stream buffer functionality to minimize the risk of exploitation.

Fix

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

BDU:2021-04569

CVE-2021-31572

Affected Products

Freertos

PT-2021-4041 · Freertos · Freertos

CVE-2021-31572

Weakness Enumeration

Related Identifiers

Affected Products

References · 6