Security Advisory

CVE-2021-27411

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-05-03 20:18:42
Last updated 2025-04-16 16:25:25
Assigner icscert
State PUBLISHED

Description

Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions Mem_DynPoolCreate, Mem_DynPoolCreateHW and Mem_PoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being allocated instead of very large ones.