CVE-2017-7936

Published: Aug 7, 2017Modified: May 13, 2026

6.3

Vector

CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 0.4 / Impact: 5.9

Source: NVD

Description

A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid VF6xx. When the device is configured in security enabled configuration, SDP could be used to download a small section of code to an unprotected region of memory.

Affected (27)

Nxp

27 products

Vybrid Mvf30nn151cku26 Firmware

Vybrid Mvf30ns151cku26 Firmware

Vybrid Mvf50nn151cmk40 Firmware

Vybrid Mvf50nn151cmk50 Firmware

Vybrid Mvf50ns151cmk40 Firmware

Vybrid Mvf50ns151cmk50 Firmware

Vybrid Mvf51nn151cmk50 Firmware

Vybrid Mvf51ns151cmk50 Firmware

Vybrid Mvf60nn151cmk40 Firmware

Vybrid Mvf60ns151cmk40 Firmware

Vybrid Mvf60nn151cmk50 Firmware

Vybrid Mvf60ns151cmk50 Firmware

Vybrid Mvf61nn151cmk50 Firmware

Vybrid Mvf61ns151cmk50 Firmware

Vybrid Mvf62nn151cmk40 Firmware

I.mx 50 Firmware

I.mx 53 Firmware

I.mx 6ull Firmware

I.mx 6ultralite Firmware

I.mx 6sololite Firmware

I.mx 6solo Firmware

I.mx 6duallite Firmware

I.mx 6solox Firmware

I.mx 6dual Firmware

I.mx 6quad Firmware

I.mx 6quadplus Firmware

I.mx 6dualplus Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf30nn151cku26 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf30nn151cku26	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf30ns151cku26 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf30ns151cku26	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf50nn151cmk40 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf50nn151cmk40	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf50nn151cmk50 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf50nn151cmk50	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf50ns151cmk40 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf50ns151cmk40	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf50ns151cmk50 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf50ns151cmk50	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf51nn151cmk50 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf51nn151cmk50	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf51ns151cmk50 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf51ns151cmk50	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf60nn151cmk40 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf60nn151cmk40	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf60ns151cmk40 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf60ns151cmk40	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf60nn151cmk50 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf60nn151cmk50	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf60ns151cmk50 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf60ns151cmk50	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf61nn151cmk50 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf61nn151cmk50	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf61ns151cmk50 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf61ns151cmk50	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp Vybrid Mvf62nn151cmk40 Firmware	All versions

Running on/with	Platform Versions
Nxp Vybrid Mvf62nn151cmk40	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp I.mx 50 Firmware	All versions

Running on/with	Platform Versions
Nxp I.mx 50	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp I.mx 53 Firmware	All versions

Running on/with	Platform Versions
Nxp I.mx 53	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp I.mx 6ull Firmware	All versions

Running on/with	Platform Versions
Nxp I.mx 6ull	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp I.mx 6ultralite Firmware	All versions

Running on/with	Platform Versions
Nxp I.mx 6ultralite	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp I.mx 6sololite Firmware	All versions

Running on/with	Platform Versions
Nxp I.mx 6sololite	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp I.mx 6solo Firmware	All versions

Running on/with	Platform Versions
Nxp I.mx 6solo	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp I.mx 6duallite Firmware	All versions

Running on/with	Platform Versions
Nxp I.mx 6duallite	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp I.mx 6solox Firmware	All versions

Running on/with	Platform Versions
Nxp I.mx 6solox	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp I.mx 6dual Firmware	All versions

Running on/with	Platform Versions
Nxp I.mx 6dual	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp I.mx 6quad Firmware	All versions

Running on/with	Platform Versions
Nxp I.mx 6quad	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp I.mx 6quadplus Firmware	All versions

Running on/with	Platform Versions
Nxp I.mx 6quadplus	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Nxp I.mx 6dualplus Firmware	All versions

Running on/with	Platform Versions
Nxp I.mx 6dualplus	All versions

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

CWE-121

Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

References (4)

http://www.securityfocus.com/bid/99966

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryVDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government ResourceVDB Entry

http://www.securityfocus.com/bid/99966

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government ResourceVDB Entry

Timeline

No history available yet.