Cfs
Monthly
Integer overflow in NASA cFS CFE_TBL_ValidateCodecLoadSize function (cfe_tbl_passthru_codec.c) on 32-bit systems allows authenticated local attackers with low privileges to cause limited integrity and availability impact, though exploitation requires high attack complexity and no public exploit code has been identified; a fix is planned for an upcoming release milestone.
Memory corruption in NASA cFS up to version 7.0.0 via manipulation of the CFE_SB_TransmitMsg function in the CCSDS Header Size Handler component allows local attackers with low privileges to corrupt memory, potentially leading to denial of service or information disclosure. No public exploit code or active exploitation has been confirmed; the vendor was notified early but has not yet released a patch as of analysis time.
Integer overflow in NASA cFS CFE_TBL_ValidateCodecLoadSize function (cfe_tbl_passthru_codec.c) on 32-bit systems allows authenticated local attackers with low privileges to cause limited integrity and availability impact, though exploitation requires high attack complexity and no public exploit code has been identified; a fix is planned for an upcoming release milestone.
Memory corruption in NASA cFS up to version 7.0.0 via manipulation of the CFE_SB_TransmitMsg function in the CCSDS Header Size Handler component allows local attackers with low privileges to corrupt memory, potentially leading to denial of service or information disclosure. No public exploit code or active exploitation has been confirmed; the vendor was notified early but has not yet released a patch as of analysis time.