CVE-2021-31664

Published: Jun 18, 2021Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

RIOT-OS 2021.01 before commit 44741ff99f7a71df45420635b238b9c22093647a contains a buffer overflow which could allow attackers to obtain sensitive information.

Affected (1)

Products: Riot Os: Riot

Riot Os

1 product

Riot

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Riot Os Riot	Version 2021.01

Related CWEs

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (4)

https://github.com/RIOT-OS/RIOT/commit/44741ff99f7a71df45420635b238b9c22093647a

Source: cve@mitre.org

Third Party Advisory

https://github.com/RIOT-OS/RIOT/pull/15345

Source: cve@mitre.org

Third Party Advisory

https://github.com/RIOT-OS/RIOT/commit/44741ff99f7a71df45420635b238b9c22093647a

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://github.com/RIOT-OS/RIOT/pull/15345

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.