CVE-2021-27411

MEDIUM Year: 2021
CVSS v3 Score
6.5
Medium
CVSS v2 Score
6.4
Medium
Weakness Type
CWE-190
View all →

Vulnerability Description

Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions Mem_DynPoolCreate, Mem_DynPoolCreateHW and Mem_PoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being allocated instead of very large ones.

Related Vulnerabilities

CVE-2010-4653

MEDIUM
CVSS:6.5(Medium)

An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.

CWE-1902010

CVE-2016-10507

MEDIUM
CVSS:6.5(Medium)

Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application c...

CWE-1902016

CVE-2016-2120

MEDIUM
CVSS:6.5(Medium)

An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone un...

CWE-1902016

CVE-2016-5223

MEDIUM
CVSS:6.5(Medium)

Integer overflow in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption or DoS via a...

CWE-1902016

CVE-2016-5844

MEDIUM
CVSS:6.5(Medium)

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

CWE-1902016

CVE-2016-6177

MEDIUM
CVSS:6.5(Medium)

The Huawei OceanStor 5800 V300R003C00 has an integer overflow vulnerability. An authenticated attacker may send massive abnormal Network File System (NFS) packets, causing an anomaly in specific disk ...

CWE-1902016