Описание
Real Time Engineers FreeRTOS+FAT 160919a has a use after free. The function FF_Close() is defined in ff_file.c. The file handler pxFile is freed by ffconfigFREE, which (by default) is a macro definition of vPortFree(), but it is reused to flush modified file content from the cache to disk by the function FF_FlushCache().
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:amazon:freertos\+fat:160919a:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00278
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-416
Связанные уязвимости
github
больше 3 лет назад
Real Time Engineers FreeRTOS+FAT 160919a has a use after free. The function FF_Close() is defined in ff_file.c. The file handler pxFile is freed by ffconfigFREE, which (by default) is a macro definition of vPortFree(), but it is reused to flush modified file content from the cache to disk by the function FF_FlushCache().
EPSS
Процентиль: 51%
0.00278
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-416