FreeRTOS is a real-time operating system for microcontrollers. FreeRTOS Kernel versions through 10.6.1 do not sufficiently protect against local privilege escalation via Return Oriented Programming techniques should a vulnerability exist that allows code injection and execution. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with Memory Protected Unit (MPU) support enabled (i.e. `configENABLE_MPU` set to 1). These issues are fixed in version 10.6.2 with a new MPU wrapper.
Metrics
Affected Vendors & Products
References
History
Tue, 01 Oct 2024 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Amazon
Amazon freertos |
|
Weaknesses | NVD-CWE-Other | |
CPEs | cpe:2.3:o:amazon:freertos:*:*:*:*:*:*:*:* | |
Vendors & Products |
Amazon
Amazon freertos |
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-03-07T20:54:00.743Z
Updated: 2024-08-28T17:42:09.830Z
Reserved: 2024-03-04T14:19:14.059Z
Link: CVE-2024-28115
Vulnrichment
Updated: 2024-08-02T00:48:49.237Z
NVD
Status : Modified
Published: 2024-03-07T21:15:08.567
Modified: 2024-11-21T09:05:50.867
Link: CVE-2024-28115
Redhat
No data.