IronMonkey Threat Research

CVE-2020-28895 HIGH

Published: 2021-02-03 | Last Modified: 2024-11-21 | Status: Modified

Description

In Wind River VxWorks, the memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.

Additional Descriptions (1)

In Wind River VxWorks, the memory allocator has a possible overflow in calculating the size of the memory block to be allocated by the calloc() function. As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.

CVSS Metrics

Base Score: 7.3 (HIGH)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: LOW

Source: [email protected]

Type: Primary

Exploitability Score: 3.9

Impact Score: 3.4

Base Score: 7.5 (HIGH)

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Source: [email protected]

Type: Primary

Exploitability Score: 10.0

Impact Score: 6.4

Weaknesses

Source: [email protected]

Type: Primary

Description: CWE-190, CWE-787

Affected Products

Vendor Product Version Update Type
windriver vxworks * * Operating System
windriver vxworks 6.9.4.12 - Operating System
windriver vxworks 6.9.4.12 rolling_cumulative_patch_layer1 Operating System
oracle communications_eagle * * Application
oracle communications_eagle * * Application
oracle communications_eagle 46.7.0 * Application

Affected Configurations

Operator: OR

Vulnerable CPE
Yes cpe:2.3:o:windriver:vxworks:*:*:*:*:*:*:*:*
Yes cpe:2.3:o:windriver:vxworks:6.9.4.12:-:*:*:*:*:*:*
Yes cpe:2.3:o:windriver:vxworks:6.9.4.12:rolling_cumulative_patch_layer1:*:*:*:*:*:*

Operator: OR

Vulnerable CPE
Yes cpe:2.3:a:oracle:communications_eagle:*:*:*:*:*:*:*:*
Yes cpe:2.3:a:oracle:communications_eagle:*:*:*:*:*:*:*:*
Yes cpe:2.3:a:oracle:communications_eagle:46.7.0:*:*:*:*:*:*:*