Security Vulnerabilities - CVEs Published In March 2024
A heap buffer overflow occurs in dfs_v2 dfs_file in RT-Thread through 5.0.2.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-03-27
A heap buffer overflow occurs in the dfs_v2 romfs filesystem RT-Thread through 5.0.2.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-03-27
drivers/wlan/wlan_mgmt,c in RT-Thread through 5.0.2 has an integer signedness error and resultant buffer overflow.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-03-27
RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L * seed + 2531011L; return (seed >> 16) & 0x7FFF;" in calc_random in drivers/misc/rt_random.c.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-03-27
A heap buffer overflow occurs in finsh/msh_file.c and finsh/msh.c in RT-Thread through 5.0.2.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-03-27
A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-03-27
An out-of-bounds access occurs in utilities/var_export/var_export.c in RT-Thread through 5.0.2.
CVSS Score
5.9
EPSS Score
0.0
Published
2024-03-27
A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2.
CVSS Score
9.8
EPSS Score
0.001
Published
2024-03-27
A buffer overflow occurs in utilities/ymodem/ry_sy.c in RT-Thread through 5.0.2 because of an incorrect sprintf call or a missing '\0' character.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-03-27
A buffer overflow occurs in utilities/rt-link/src/rtlink.c in RT-Thread through 5.0.2.
CVSS Score
8.8
EPSS Score
0.001
Published
2024-03-27