CVE-2021-43997
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-43997
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
FreeRTOS versions 10.2.0 through 10.4.5 do not prevent non-kernel code from calling the xPortRaisePrivilege internal function to raise privilege. FreeRTOS versions through 10.4.6 do not prevent a third party that has already independently gained the ability to execute injected code to achieve further privilege escalation by branching directly inside a FreeRTOS MPU API wrapper function with a manually crafted stack frame. These issues affect ARMv7-M MPU ports, and ARMv8-M ports with MPU support enabled (i.e. configENABLE_MPU set to 1). These are fixed in V10.5.0 and in V10.4.3-LTS Patch 3.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Amazon FreeRTOS 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Amazon FreeRTOS是美国亚马逊(Amazon)公司的一套适用于微控制器的开源操作系统。 Amazon FreeRTOS 中存在代码问题漏洞,该漏洞源于产品未对xportraisprivilege和vPortResetPrivilege内部函数的调用添加有效权限。攻击者可通过该漏洞通过非内核代码调用该函数。以下产品及版本受到影响:Amazon FreeRTOS 10.2.0 至 10.4.5 版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2021-43997
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2021-43997
请登录查看更多情报信息。
Patches & Fixes for CVE-2021-43997 (2)
Other References for CVE-2021-43997 (2)
Same Patch Batch · n/a · 2021-11-17 · 65 CVEs total
| CVE-2021-42956 | 7.8 HIGH | ZOHO ManageEngine Remote Access Plus 安全漏洞 |
| CVE-2021-42954 | 7.8 HIGH | ZOHO ManageEngine Remote Access Plus 安全漏洞 |
| CVE-2021-42955 | 7.3 HIGH | ZOHO ManageEngine Remote Access Plus 安全漏洞 |
| CVE-2021-33086 | Intel NUC 缓冲区错误漏洞 | |
| CVE-2021-33479 | GOCR 缓冲区错误漏洞 | |
| CVE-2021-43337 | Schedmd SchedMD Slurm 安全漏洞 | |
| CVE-2021-33093 | Intel NUC 访问控制错误漏洞 | |
| CVE-2021-33094 | Intel NUC 访问控制错误漏洞 | |
| CVE-2021-33095 | Intel NUC 代码问题漏洞 | |
| CVE-2021-33087 | Intel NUC 授权问题漏洞 | |
| CVE-2021-0096 | Intel NUC 授权问题漏洞 | |
| CVE-2021-33089 | Intel NUC 安全漏洞 | |
| CVE-2021-33090 | Intel NUC 安全漏洞 | |
| CVE-2021-33091 | Intel NUC 访问控制错误漏洞 | |
| CVE-2021-0121 | Intel Graphics Drivers 安全漏洞 | |
| CVE-2021-0120 | Intel Graphics Drivers 安全漏洞 | |
| CVE-2021-33097 | Intel Crypto Api Toolkit 安全漏洞 | |
| CVE-2021-33071 | Intel oneAPI Rendering Toolkit 安全漏洞 | |
| CVE-2021-0157 | Intel Processors 安全漏洞 | |
| CVE-2021-0158 | Intel Processors BIOS firmware 输入验证错误漏洞 |
Showing top 20 of 65 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-9604
JeecgBoot AiragModelController access control - CVE-2026-9581
JeecgBoot add access control - CVE-2026-9580
JeecgBoot selectDepart LoginController.selectDepart access c - CVE-2026-9579
JeecgBoot SysUser userEdit user.getUsername access control - CVE-2026-9572
GPAC MP4Box media.c Media_GetSample memory leak
V. Comments for CVE-2021-43997
No comments yet