Nxp - Mcuxpresso Software Development Kit CVE

Filtered by vendor Nxp Subscribe

Filtered by product Mcuxpresso Software Development Kit

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-27421	1 Nxp	1 Mcuxpresso Software Development Kit	2022-05-12	7.5 HIGH	9.8 CRITICAL
NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to integer overflow in SDK_Malloc function, which could allow to access memory locations outside the bounds of a specified array, leading to unexpected behavior such segmentation fault when assigning a particular block of memory from the heap via malloc.

Vulnerabilities (CVE)