PT-2021-4214 · Texas Instruments · Simplelink

Published: 2021-04-29 · Updated: 2023-12-01 · CVE-2021-27504

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Texas Instruments SimpleLink series CC13XX, CC26XX, CC32XX, and MSP432E4 (affected versions not specified)
Description: The issue is caused by an integer overflow in the implementation of the malloc() function in the FreeRTOS component of the software development kit for Texas Instruments microcontrollers. When malloc() is called with an extremely large size value, the integer overflow occurs and malloc() returns a valid pointer to a small buffer. This can allow an attacker to execute arbitrary code or cause a denial of service.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
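
The failure mode in the description, shown as an added example that is not Texas Instruments or FreeRTOS code: a constructed toy allocator (all names hypothetical) whose padded-size arithmetic wraps for a huge request and returns a block with no usable bytes, beside the same arithmetic with a range check.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed toy bump allocator; every name here is hypothetical. */
#define ARENA_SIZE ((size_t)4096)
#define HDR_SIZE   ((size_t)8)   /* per-block bookkeeping */
#define ALIGN_MASK ((size_t)7)   /* round blocks up to 8 bytes */

static unsigned char arena[ARENA_SIZE];
static size_t arena_used;

/* Unchecked: header and padding are added with no range check, so the sum wraps. */
size_t block_size_unchecked(size_t wanted) {
    return (wanted + HDR_SIZE + ALIGN_MASK) & ~ALIGN_MASK;
}

/* Checked: 0 means the padded size is not representable. */
size_t block_size_checked(size_t wanted) {
    if (wanted > SIZE_MAX - HDR_SIZE - ALIGN_MASK)
        return 0;
    return (wanted + HDR_SIZE + ALIGN_MASK) & ~ALIGN_MASK;
}

/* Reserve `total` bytes from the arena and return the address just past the header. */
static void *take(size_t total) {
    if (total == 0 || total > ARENA_SIZE - arena_used)
        return NULL;
    void *p = arena + arena_used + HDR_SIZE;
    arena_used += total;
    return p;
}

void *toy_malloc_vulnerable(size_t wanted) { return take(block_size_unchecked(wanted)); }
void *toy_malloc_hardened(size_t wanted)   { return take(block_size_checked(wanted)); }

int main(void) {
    size_t huge = SIZE_MAX;  /* constructed oversized request */
    printf("unchecked block size: %zu\n", block_size_unchecked(huge));
    printf("vulnerable malloc:    %p\n", toy_malloc_vulnerable(huge));
    printf("hardened malloc:      %p\n", toy_malloc_hardened(huge));
    return 0;
}
```

With the unchecked arithmetic the request for SIZE_MAX bytes reserves an 8-byte block (header only) and still returns a non-NULL pointer; the checked version returns NULL for the same request.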

Integer Overflow

Weakness Enumeration

Related Identifiers

BDU:2021-04817
CVE-2021-27504

Affected Products

Simplelink