1. EXECUTIVE SUMMARY
CISA is aware of a public report, known as “BadAlloc” that details vulnerabilities found in multiple real-time operating systems (RTOS) and supporting libraries. CISA is issuing this advisory to provide early notice of the reported vulnerabilities and identify baseline mitigations for reducing risks to these and other cybersecurity attacks.
The various open-source products may be implemented in forked repositories.
2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSA-21-119-04 Multiple RTOS that was published April 29, 2021, to the ICS webpage on us-cert.cisa.gov.
3. RISK EVALUATION
Successful exploitation of these vulnerabilities could result in unexpected behavior such as a crash or a remote code injection/execution.
4. TECHNICAL DETAILS
4.1 AFFECTED PRODUCTS
--------- Begin Update B Part 1 of 3 ---------
--------- End Update B Part 1 of 3 ---------
Support the originator by clicking the read the rest link below.