| Title | micropython micropython v1.13 to v1.21.0 buffer overflow |
|---|
| Description | slice_indices misinterprets the float value as an integer value, which leads to a buffer overflow of the target array.
it can be used as an attack vector to read and write the contents over the array (to the chunk placed after the array). |
|---|
| Source | ⚠️ https://github.com/micropython/micropython/issues/13007 |
|---|
| User | qbit (UID 60633) |
|---|
| Submission | 12/28/2023 08:54 (2 years ago) |
|---|
| Moderation | 12/28/2023 15:29 (7 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 249180 [MicroPython up to 1.21.0 objslice.c slice_indices heap-based overflow] |
|---|
| Points | 17 |
|---|