Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
NXP MCUXpresso SDK Integer Overflow or Wraparound
Vulnerability Description
NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to integer overflow in SDK_Malloc function, which could allow to access memory locations outside the bounds of a specified array, leading to unexpected behavior such segmentation fault when assigning a particular block of memory from the heap via malloc.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
整数溢出或超界折返
Vulnerability Title
NXP MCUXpresso Software Development Kit 输入验证错误漏洞
Vulnerability Description
NXP MCUXpresso Software Development Kit是荷兰NXP公司的一个应用系统。用于简化和加速应用程序的开发与ARM的Cortex恩智浦基于-M的设备,包括通用,交叉和蓝牙的微控制器。 NXP MCUXpresso Software Development Kit 2.8.2之前版本存在输入验证错误漏洞,该漏洞允许访问指定数组边界之外的内存位置,导致意外的行为,如通过Malloc从堆中分配特定的内存块时分段错误。
CVSS Information
N/A
Vulnerability Type
N/A