CVE-2021-42553

Published
View on NVD ↗
CVSS v3
6.8
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

A buffer overflow vulnerability in stm32_mw_usb_host of STMicroelectronics in versions before 3.5.1 allows an attacker to execute arbitrary code when the descriptor contains more endpoints than USBH_MAX_NUM_ENDPOINTS. The library is typically integrated when using a RTOS such as FreeRTOS on STM32 MCUs.

STMicroelectronics/stm32-mw-usb-host
STMicroelectronics/stm32-mw-usb-host
Provides the USB Host library part of the STM32Cube MCU Component "middleware" for all STM32xx series.
GitHubGitHub
49