CVE-2020-17528

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-17528

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-17528.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-17528

Published

2020-12-09T17:15:29.900Z

Modified

2026-04-10T04:24:30.014034Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator

Summary

[none]

Details

Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets including beyond the length of the packet.

References

Affected packages

Git / github.com/apache/incubator-nuttx

Affected ranges

Type

GIT

Repo

https://github.com/apache/incubator-nuttx

Events

Introduced

Last affected

e4e4cce6962430e2b07336d2c564b14298995661

Introduced

Last affected

9f6f05d901c72c6b65969847e02a5c2c0adfd40a

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "9.1.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "10.0.0"
        }
    ]
}

Affected versions

nuttx-1.*

nuttx-1.0

nuttx-1.1

nuttx-1.2

nuttx-10.*

nuttx-10.0.0

nuttx-10.0.0-RC0

nuttx-2.*

nuttx-2.1

nuttx-2.2

nuttx-2.3

nuttx-2.4

nuttx-2.5

nuttx-2.6

nuttx-2.7

nuttx-2.8

nuttx-3.*

nuttx-3.0

nuttx-3.1

nuttx-3.10

nuttx-3.11

nuttx-3.12

nuttx-3.13

nuttx-3.14

nuttx-3.15

nuttx-3.16

nuttx-3.17

nuttx-3.18

nuttx-3.19

nuttx-3.2

nuttx-3.3

nuttx-3.4

nuttx-3.5

nuttx-3.6

nuttx-3.6.1

nuttx-3.7

nuttx-3.8

nuttx-3.9

nuttx-4.*

nuttx-4.0

nuttx-4.1

nuttx-4.10

nuttx-4.11

nuttx-4.12

nuttx-4.13

nuttx-4.14

nuttx-4.2

nuttx-4.3

nuttx-4.4

nuttx-4.5

nuttx-4.6

nuttx-4.7

nuttx-4.8

nuttx-4.9

nuttx-5.*

nuttx-5.0

nuttx-5.1

nuttx-5.10

nuttx-5.11

nuttx-5.12

nuttx-5.13

nuttx-5.14

nuttx-5.15

nuttx-5.16

nuttx-5.17

nuttx-5.18

nuttx-5.19

nuttx-5.2

nuttx-5.3

nuttx-5.4

nuttx-5.5

nuttx-5.6

nuttx-5.7

nuttx-5.8

nuttx-5.9

nuttx-6.*

nuttx-6.0

nuttx-6.1

nuttx-6.10

nuttx-6.11

nuttx-6.12

nuttx-6.13

nuttx-6.14

nuttx-6.15

nuttx-6.16

nuttx-6.17

nuttx-6.18

nuttx-6.19

nuttx-6.2

nuttx-6.20

nuttx-6.21

nuttx-6.22

nuttx-6.23

nuttx-6.24

nuttx-6.25

nuttx-6.26

nuttx-6.27

nuttx-6.28

nuttx-6.29

nuttx-6.3

nuttx-6.30

nuttx-6.31

nuttx-6.32

nuttx-6.33

nuttx-6.4

nuttx-6.5

nuttx-6.6

nuttx-6.7

nuttx-6.8

nuttx-6.9

nuttx-7.*

nuttx-7.1

nuttx-7.10

nuttx-7.11

nuttx-7.12

nuttx-7.13

nuttx-7.14

nuttx-7.15

nuttx-7.16

nuttx-7.17

nuttx-7.18

nuttx-7.2

nuttx-7.20

nuttx-7.21

nuttx-7.22

nuttx-7.23

nuttx-7.24

nuttx-7.25

nuttx-7.26

nuttx-7.27

nuttx-7.28

nuttx-7.29

nuttx-7.3

nuttx-7.30

nuttx-7.31

nuttx-7.4

nuttx-7.5

nuttx-7.6

nuttx-7.8

nuttx-7.9

nuttx-8.*

nuttx-8.1

nuttx-8.2

nuttx-9.*

nuttx-9.1.0

nuttx-9.1.0-RC0

nuttx-9.1.0-RC1

nuttx-9.1.0-RC2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-17528.json"