CVE-2021-27427

Name of the Vulnerable Software and Affected Versions RIOT OS version 2020.01.1

Description The issue is related to an integer overflow vulnerability in the implementation of the calloc function in the RIOT operating system for network devices. This vulnerability can be exploited by a remote attacker to execute arbitrary code, potentially leading to unexpected behavior such as a crash or remote code injection.

Recommendations For RIOT OS version 2020.01.1, consider applying a patch or update that fixes the integer wrap-around issue in the calloc function implementation to prevent arbitrary memory allocation and potential code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.