VDB

CVE-2021-22636

CVE-2021-22636 PUBLISHED CVSS 7.400000095367432 HIGH

Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in code execution.

EPSS 0.04% · 13.1th percentile

Risk Scores

CVSS 3.1
7.400000095367432
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.04%
13.1th percentile

Affected Products

VendorProductVersions
tisimplelink_cc32xx_software_development_kit0
Texas InstrumentsSimpleLink-CC32XX0
Texas InstrumentsSimpleLink MSP432E4XX*
Texas InstrumentsCC32XX0
Texas InstrumentsSimpleLink-CC13XX0
tisimplelink_msp432e401y
tisimplelink_cc13xx_software_development_kit0
tisimplelink_cc26xx_software_development_kit0
tireal-time_operating_system
Texas InstrumentsSimpleLink-CC26XX0
tisimplelink_msp432e411y

Timeline

  • Nov 20, 2023 CVE Published
  • Nov 21, 2023 EPSS Score
  • Dec 21, 2023 EPSS Score
  • Jan 20, 2024 EPSS Score
  • Feb 19, 2024 EPSS Score
  • Mar 20, 2024 EPSS Score
  • Apr 19, 2024 EPSS Score
  • May 19, 2024 EPSS Score
  • Jun 18, 2024 EPSS Score
  • Jul 18, 2024 EPSS Score
  • Aug 3, 2024 CVE Updated
  • Aug 17, 2024 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›