CVE-2020-28895: integer overflow in calloc

Q: What is the vulnerability ID for the memory allocator overflow in Wind River VxWorks?

The vulnerability ID is CVE-2020-28895.

Q: What is the severity of CVE-2020-28895?

The severity of CVE-2020-28895 is high with a CVSS score of 7.3.

Q: Which software is affected by CVE-2020-28895?

Wind River VxWorks versions 6.9 to 6.9.4.12, Wind River VxWorks version 6.9.4.12 with rolling cumulative patch layer 1, Oracle Communications Eagle versions 46.7.0 to 48.6.2 are affected by CVE-2020-28895.

Q: What is the impact of the memory allocator overflow vulnerability in Wind River VxWorks?

The vulnerability could lead to memory corruption, potentially causing system instability and unauthorized access to sensitive information.

Q: Is there a fix available for CVE-2020-28895?

Yes, Wind River has released patches and updates to address the vulnerability. It is recommended to apply the latest updates provided by the vendor.

Published Feb 3, 2021

Updated

In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.

Affected Software

35 affected components

Windriver Vxworks>=6.9<6.9.4.12

Windriver Vxworks=6.9.4.12

Windriver Vxworks=6.9.4.12-rolling_cumulative_patch_layer1

Oracle Communications Eagle>=46.8.0<=48.6.2

Oracle Communications Eagle>=46.9.1<=46.9.3

Oracle Communications Eagle=46.7.0

Multiple Amazon FreeRTOS, Version 10.4.1

Multiple Apache Nuttx OS, Version 9.1.0

Multiple ARM CMSIS-RTOS2, versions prior to 2.1.3

Multiple ARM Mbed OS, Version 6.3.0

Multiple ARM mbed-ualloc, Version 1.3.0

Multiple BlackBerry QNX SDP Versions 6.5.0 SP1 and earlier

Multiple BlackBerry QNX OS for Safety Versions 1.0.1 and earlier safety products compliant with IEC 61508 and/or ISO 26262

Multiple BlackBerry QNX OS for Medical Versions 1.1 and earlier safety products compliant with IEC 62304 A full list of affected QNX products and versions is available here

Multiple A full list of affected QNX products and versions is available here

Multiple Cesanta Software Mongoose OS, v2.17.0

Multiple eCosCentric eCosPro RTOS, Versions 2.0.1 through 4.5.3

Multiple Google Cloud IoT Device SDK, Version 1.0.2

Multiple Media Tek LinkIt SDK, versions prior to 4.6.1

Multiple Micrium OS, Versions 5.10.1 and prior

Multiple Micrium uC/OS: uC/LIB Versions 1.38.xx, Version 1.39.00

Multiple NXP MCUXpresso SDK, versions prior to 2.8.2

Multiple NXP MQX, Versions 5.1 and prior

Multiple Redhat newlib, versions prior to 4.0.0

Multiple RIOT OS, Version 2020.01.1

Multiple Samsung Tizen RT RTOS, versions prior 3.0.GBB

Multiple TencentOS-tiny, Version 3.1.0

Multiple Texas Instruments CC32XX, versions prior to 4.40.00.07

Multiple Texas Instruments SimpleLink MSP432E4XX

Multiple Texas Instruments SimpleLink-CC13XX, versions prior to 4.40.00

Multiple Texas Instruments SimpleLink-CC26XX, versions prior to 4.40.00

Multiple Texas Instruments SimpleLink-CC32XX, versions prior to 4.10.03

Multiple Uclibc-NG, versions prior to 1.0.36

Multiple Windriver VxWorks, prior to 7.0

Multiple Zephyr Project RTOS, versions prior to 2.5

Remediation

Patch Available

https://www.oracle.com/security-alerts/cpuapr2022.html

Event History

Feb 3, 2021

CVE Published

via MITRE·03:16 PM

Data Sourced

via MITRE·03:16 PM

DescriptionSeverity

Frequently Asked Questions

What is the vulnerability ID for the memory allocator overflow in Wind River VxWorks?

The vulnerability ID is CVE-2020-28895.

What is the severity of CVE-2020-28895?

The severity of CVE-2020-28895 is high with a CVSS score of 7.3.

Which software is affected by CVE-2020-28895?