漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
NXP MCUXpresso SDK Integer Overflow or Wraparound
Vulnerability Description
NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to integer overflow in SDK_Malloc function, which could allow to access memory locations outside the bounds of a specified array, leading to unexpected behavior such segmentation fault when assigning a particular block of memory from the heap via malloc.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
NXP MCUXpresso Software Development Kit 输入验证错误漏洞
Vulnerability Description
NXP MCUXpresso Software Development Kit是荷兰NXP公司的一个应用系统。用于简化和加速应用程序的开发与ARM的Cortex恩智浦基于-M的设备,包括通用,交叉和蓝牙的微控制器。 NXP MCUXpresso Software Development Kit 2.8.2之前版本存在输入验证错误漏洞,该漏洞允许访问指定数组边界之外的内存位置,导致意外的行为,如通过Malloc从堆中分配特定的内存块时分段错误。
CVSS Information
N/A
Vulnerability Type
N/A