CVE-2021-27411

Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions Mem_DynPoolCreate, Mem_DynPoolCreateHW and Mem_PoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being allocated instead of very large ones.
References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04 Third Party Advisory US Government Resource
https://www.silabs.com/developers/micrium-os Product Vendor Advisory
https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04 Third Party Advisory US Government Resource
https://www.silabs.com/developers/micrium-os Product Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:silabs:micrium_os:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:57

Type Values Removed Values Added
References () https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04 - Third Party Advisory, US Government Resource () https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04 - Third Party Advisory, US Government Resource
References () https://www.silabs.com/developers/micrium-os - Product, Vendor Advisory () https://www.silabs.com/developers/micrium-os - Product, Vendor Advisory

Information

Published : 2022-05-03 21:15

Updated : 2024-11-21 05:57


NVD link : CVE-2021-27411

Mitre link : CVE-2021-27411

CVE.ORG link : CVE-2021-27411


JSON object : View

Products Affected

silabs

  • micrium_os
CWE
CWE-190

Integer Overflow or Wraparound