Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MicroPython modselect.c poll_set_add_fd use after free
Vulnerability Description
A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function poll_set_add_fd of the file extmod/modselect.c. The manipulation leads to use after free. The exploit has been disclosed to the public and may be used. The patch is identified as 8b24aa36ba978eafc6114b6798b47b7bfecdca26. It is recommended to apply a patch to fix this issue. VDB-249158 is the identifier assigned to this vulnerability.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
释放后使用
Vulnerability Title
MicroPython 资源管理错误漏洞
Vulnerability Description
MicroPython是MicroPython开源的一个小型的开源Python编程语言解释器。 MicroPython 1.21.0版本和1.22.0-preview版本存在资源管理错误漏洞,该漏洞源于文件extmod/modselect.c的函数poll_set_add_fd会导致释放后重用。
CVSS Information
N/A
Vulnerability Type
N/A