Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in OpenSatKit 2.2.1. The DirName field in the telecommand is provided by the ground segment and must be treated as untrusted input. The program copies DirName into the local buffer DirWithSep using strcpy. The size of this buffer is OS_MAX_PATH_LEN. If the length of DirName is greater than or equal to OS_MAX_PATH_LEN, a stack buffer overflow occurs, overwriting adjacent stack memory. The path length check (FileUtil_AppendPathSep) is performed after the strcpy operation, meaning the validation occurs too late and cannot prevent the overflow.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenSatKit 安全漏洞
Vulnerability Description
OpenSatKit是OpenSatKit开源的一个应用程序开发工具包。 OpenSatKit 2.2.1版本存在安全漏洞,该漏洞源于DirName字段的复制操作存在栈缓冲区溢出,可能导致覆盖相邻的栈内存。
CVSS Information
N/A
Vulnerability Type
N/A