Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in code execution.
References
Link | Resource |
---|---|
https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 | Third Party Advisory US Government Resource |
https://www.ti.com/tool/TI-RTOS-MCU | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2023-11-20T19:02:30.434Z
Updated: 2023-11-20T19:04:56.253Z
Reserved: 2021-01-05T18:23:02.914Z
Link: CVE-2021-22636
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-11-20T19:15:08.173
Modified: 2023-12-01T20:53:55.453
Link: CVE-2021-22636
JSON object: View
Redhat Information
No data.
CWE