CVE-2021-42553

A buffer overflow vulnerability in stm32_mw_usb_host of STMicroelectronics in versions before 3.5.1 allows an attacker to execute arbitrary code when the descriptor contains more endpoints than USBH_MAX_NUM_ENDPOINTS. The library is typically integrated when using a RTOS such as FreeRTOS on STM32 MCUs.
Configurations

Configuration 1 (hide)

cpe:2.3:a:st:stm32_mw_usb_host:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-10-21 10:15

Updated : 2024-02-28 19:29


NVD link : CVE-2021-42553

Mitre link : CVE-2021-42553

CVE.ORG link : CVE-2021-42553


JSON object : View

Products Affected

st

  • stm32_mw_usb_host
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')