← Back

Cloud Iot Device Sdk For Embedded C

cloud_iot_device_sdk_for_embedded_c

Vendor: Google • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-22547
1Google
1Cloud Iot Device Sdk For Embedded C
Jun 17, 2026
May 4, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
In IoT Devices SDK, there is an implementation of calloc() that doesn't have a length check. An attacker could pass in memory objects larger than the buffer and wrap around to have a smaller buffer than required, allowin...Show more
In IoT Devices SDK, there is an implementation of calloc() that doesn't have a length check. An attacker could pass in memory objects larger than the buffer and wrap around to have a smaller buffer than required, allowing the attacker access to the other parts of the heap. We recommend upgrading the Google Cloud IoT Device SDK for Embedded C used to 1.0.3 or greater.Show less