5 results (0.011 seconds)

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_close after sqlite3_open_v2, leading to a denial of service. Se ha detectado un problema en Samsung TizenRT versiones hasta 3.0_GBM (y 3.1_PRE). createDB en el archivo security/provisioning/src/provisioningdatabasemanager.c presenta un sqlite3_close faltante después de sqlite3_open_v2, conllevando a una denegación de servicio • https://github.com/Samsung/TizenRT/blob/f8f776dd183246ad8890422c1ee5e8f33ab2aaaf/external/iotivity/iotivity_1.2-rel/resource/csdk/security/provisioning/src/provisioningdatabasemanager.c#L100 https://github.com/Samsung/TizenRT/issues/5627 https://www.sqlite.org/c3ref/open.html • CWE-772: Missing Release of Resource after Effective Lifetime •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 2

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_free after sqlite3_exec, leading to a denial of service. Se ha detectado un problema en Samsung TizenRT versiones hasta 3.0_GBM (y 3.1_PRE). createDB en el archivo security/provisioning/src/provisioningdatabasemanager.c presenta una falta de sqlite3_free después de sqlite3_exec, conllevando a una denegación de servicio • https://github.com/Samsung/TizenRT/blob/f8f776dd183246ad8890422c1ee5e8f33ab2aaaf/external/iotivity/iotivity_1.2-rel/resource/csdk/security/provisioning/src/provisioningdatabasemanager.c#L103 https://github.com/Samsung/TizenRT/blob/f8f776dd183246ad8890422c1ee5e8f33ab2aaaf/external/iotivity/iotivity_1.2-rel/resource/csdk/security/provisioning/src/provisioningdatabasemanager.c#L107 https://github.com/Samsung/TizenRT/issues/5628 https://www.sqlite.org/c3ref/exec.html • CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 1

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). l2_packet_receive_timeout in wpa_supplicant/src/l2_packet/l2_packet_pcap.c has a missing check on the return value of pcap_dispatch, leading to a denial of service (malfunction). Se ha detectado un problema en Samsung TizenRT versiones hasta 3.0_GBM (y 3.1_PRE). l2_packet_receive_timeout en el archivo wpa_supplicant/src/l2_packet/l2_packet_pcap.c presenta una comprobación ausente en el valor de retorno de pcap_dispatch, conllevando a una denegación de servicio (mal funcionamiento) • https://github.com/Samsung/TizenRT/blob/f8f776dd183246ad8890422c1ee5e8f33ab2aaaf/external/wpa_supplicant/src/l2_packet/l2_packet_pcap.c#L181 https://github.com/Samsung/TizenRT/issues/5629 https://linux.die.net/man/3/pcap_dispatch • CWE-252: Unchecked Return Value •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure. Se ha detectado un problema en Samsung TizenRT versiones hasta 3.0_GBM (y 3.1_PRE). La función cyassl_connect_step2 en el archivo curl/vtls/cyassl.c presenta un X509_free faltante después de SSL_get_peer_certificate, conllevando a una divulgación de información • https://github.com/Samsung/TizenRT/blob/f8f776dd183246ad8890422c1ee5e8f33ab2aaaf/external/curl/vtls/cyassl.c#L545 https://github.com/Samsung/TizenRT/issues/5626 https://www.openssl.org/docs/man1.1.1/man3/SSL_get_peer_certificate.html • CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash Tizen RT RTOS versión 3.0.GBB, es vulnerable a una envoltura de enteros en las funciones functions_calloc y mm_zalloc. Esta asignación de memoria inapropiada puede conllevar a una asignación de memoria arbitraria, resultando en un comportamiento inesperado, como un bloqueo • https://us-cert.cisa.gov/ics/advisories/icsa-21-119-04 • CWE-190: Integer Overflow or Wraparound •