CVE-2021-27417 in eCosPro RTOS
要約
〜によって MITRE • 2022年05月04日
eCosCentric eCosPro RTOS Versions 2.0.1 through 4.5.3 are vulnerable to integer wraparound in function calloc (an implementation of malloc). The unverified memory assignment can lead to arbitrary memory allocation, resulting in a heap-based buffer overflow.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.