Apache NuttX (incubating) Out of Bound Write from invalid TCP Urgent length

Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets including beyond the length of the packet.

N/A

跨界内存写

Apache NuttX 缓冲区错误漏洞

Apache NuttX是美国阿帕奇软件（Apache Software）基金会的一套实时嵌入式操作系统。TCP（Transmission Control Protocol,传输控制协议）是一种面向连接的、可靠的、基于字节流的传输层通信协议，由IETF的RFC 793定义。 Apache NuttX 存在安全漏洞，该漏洞源于9.1.0和10.0.0允许攻击者可利用该漏洞通过提供TCP包内的任意紧急数据指针偏移量(包括包的长度以外)来破坏内存。

N/A

N/A