CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-27421

NXP MCUXpresso SDK versions prior to 2.8.2 are vulnerable to integer overflow in SDK_Malloc function, which could allow to access memory locations outside the bounds of a specified array, leading to unexpected behavior such segmentation fault when assigning a particular block of memory from the heap via malloc.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 62.9%

CVSS Severity

CVSS v3 Score 7.3

CVSS v2 Score 7.5

References

Products affected by CVE-2021-27421

Nxp » Mcuxpresso Software Development Kit » Version: 2.2.1

cpe:2.3:a:nxp:mcuxpresso_software_development_kit:2.2.1
Nxp » Mcuxpresso Software Development Kit » Version: 2.6.10

cpe:2.3:a:nxp:mcuxpresso_software_development_kit:2.6.10
Nxp » Mcuxpresso Software Development Kit » Version: 2.6.13

cpe:2.3:a:nxp:mcuxpresso_software_development_kit:2.6.13
Nxp » Mcuxpresso Software Development Kit » Version: 2.6.7

cpe:2.3:a:nxp:mcuxpresso_software_development_kit:2.6.7
Nxp » Mcuxpresso Software Development Kit » Version: 2.6.8

cpe:2.3:a:nxp:mcuxpresso_software_development_kit:2.6.8
Nxp » Mcuxpresso Software Development Kit » Version: 2.6.9

cpe:2.3:a:nxp:mcuxpresso_software_development_kit:2.6.9
Nxp » Mcuxpresso Software Development Kit » Version: 2.7.0

cpe:2.3:a:nxp:mcuxpresso_software_development_kit:2.7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-27421

Products

Pricing

Contact Us