CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2020-35198
https://notcve.org/view.php?id=CVE-2020-35198
An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption. Se detectó un problema en Wind River VxWorks versión 7. El asignador de memoria presenta un posible desbordamiento de enteros al calcular el tamaño de un bloque de memoria que es asignado por una función calloc(). • https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-35198 https://support2.windriver.com/index.php?page=security-notices https://www.oracle.com/security-alerts/cpuapr2022.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-28895 – integer overflow in calloc
https://notcve.org/view.php?id=CVE-2020-28895
In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption. En Wind River VxWorks, el asignador de memoria presenta un posible desbordamiento en el calculo del tamaño del bloque de memoria que se asignará por medio de la función calloc(). Como resultado, la memoria real asignada es menor que el tamaño del búfer especificado por los argumentos, conllevando a una corrupción en la memoria • https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2020-28895 https://support2.windriver.com/index.php?page=defects&on=view&id=V7LIBC-1327 https://www.oracle.com/security-alerts/cpuapr2022.html • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •