Vulnerabilities > CVE-2021-43268 - Double Free vulnerability in Windriver Vxworks

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

windriver

CWE-415

NVD

Published: 2021-11-24

Updated: 2021-12-01

Summary

An issue was discovered in VxWorks 6.9 through 7. In the IKE component, a specifically crafted packet may lead to reading beyond the end of a buffer, or a double free.

Vulnerable Configurations

Part	Description	Count
OS	Windriver Windriver Vxworks 6.9 Windriver Vxworks 6.9.1 Windriver Vxworks 6.9.2 Windriver Vxworks 6.9.3 Windriver Vxworks 6.9.3.1 Windriver Vxworks 6.9.4 Windriver Vxworks 6.9.4.1 Windriver Vxworks 6.9.4.11 Windriver Vxworks 6.9.4.12 Windriver Vxworks 7 Windriver Vxworks 7.0	15

Common Weakness Enumeration (CWE)

CWE-415 - Double Free

References

https://support2.windriver.com/index.php?page=cve&on=view&id=CVE-2021-43268