Junwha Hong and Wonil Jang discovered that Micropython incorrectly handled the length of a buffer in mp_vfs_umount, leading to a heap-based buffer overflow vulnerability. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2024-8946) Junwha Hong and Wonil Jang discovered that Micropython incorrectly handled memory, leading to a use-after-free vulnerability under certain circumstances. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2024-8947) It was discovered that Middleware USB Host MCU Component incorrectly handled memory, leading to a buffer overflow vulnerability, If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or possibly execute arbitrary code. (CVE-2021-42553)
Continue reading...
Continue reading...
