CVE-2021-27433

Name of the Vulnerable Software and Affected Versions mbed-ualloc memory library version 1.3.0

Description The issue is related to an integer wrap-around in the mbed krbs function, which can cause arbitrary memory allocation. This may result in unexpected behavior, including crashes or potentially allowing remote code injection/execution.

Recommendations For version 1.3.0, consider disabling the mbed krbs function as a temporary workaround until a patch is available. Restrict access to sensitive operations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.