← Back

Kindle Firmware

kindle_firmware

Vendor: Amazon • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-30355
1Amazon
1Kindle Firmware
Nov 21, 2024
Sep 1, 2021
N/A· v4
8.6 HIGH· v3
9.3 HIGH· v2
Amazon Kindle e-reader prior to and including version 5.13.4 improperly manages privileges, allowing the framework user to elevate privileges to root.
CVE-2021-30354
1Amazon
1Kindle Firmware
Nov 21, 2024
Sep 1, 2021
N/A· v4
8.6 HIGH· v3
9.3 HIGH· v2
Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruption that leads to code...Show more
Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruption that leads to code execution when parsing a crafted PDF book.Show less