Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2021-22547
HistoryMay 04, 2021 - 1:15 p.m.

CVE-2021-22547

2021-05-0413:15:07
Google
osv.dev
6
iot
devices
sdk
calloc()
vulnerability
google cloud
upgrade
embedded c
software

AI Score

7

Confidence

High

EPSS

0

Percentile

12.6%

JSON

In IoT Devices SDK, there is an implementation of calloc() that doesn’t have a length check. An attacker could pass in memory objects larger than the buffer and wrap around to have a smaller buffer than required, allowing the attacker access to the other parts of the heap. We recommend upgrading the Google Cloud IoT Device SDK for Embedded C used to 1.0.3 or greater.

Related

cve 1
nvd 1
prion 1
cvelist 1
cnvd 1
cve
cve
CVE-2021-22547
2021-05-04 13:15:07
nvd
nvd
CVE-2021-22547
2021-05-04 13:15:07
prion
prion
Buffer overflow
2021-05-04 13:15:00
cvelist
cvelist
CVE-2021-22547 Buffer overrun in Google Cloud IoT Device SDK for Embedded C
2021-05-04 13:05:17
cnvd
cnvd
Unspecified vulnerability in iot-device-sdk-embedded-c
2022-04-15 00:00:00

AI Score

7

Confidence

High

EPSS

0

Percentile

12.6%

JSON
Related for OSV:CVE-2021-22547
cve1nvd1prion1cvelist1cnvd1