CVE-2020-17528

CVE-2020-17528: Apache NuttX (incubating) Out of Bound Write from invalid TCP Urgent length

Vendor Apache Software Foundation

Product Apache NuttX (incubating)

Weakness CWE-787

Published December 9, 2020

Last update February 13, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets including beyond the length of the packet.

Key dates

02Disclosure timeline

December 9, 2020 CVE published

February 13, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-17528

Related vulnerabilities

Identifiers

CVE CVE-2020-17528

CWE CWE-787

Affected versions

Vendor Apache Software Foundation

Product Apache NuttX (incubating)

Affected ≥ unspecified and < 9.1.1

Vendor Apache Software Foundation

Product Apache NuttX (incubating)

Affected 10.0.0

CVE-2020-17528: Apache NuttX (incubating) Out of Bound Write from invalid TCP Urgent length

01Description

02Disclosure timeline

03References

04Related CVE