CVE-2026-5475— Core Flight System 缓冲区错误漏洞

NASA cFS CCSDS Header Size cfe_sb_priv.c CFE_SB_TransmitMsg memory corruption

A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFE_SB_TransmitMsg of the file cfe_sb_priv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report but has not responded yet.

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

内存缓冲区边界内操作的限制不恰当

Core Flight System 缓冲区错误漏洞

Core Flight System（cFS）是NASA开源的一种通用的飞行软件架构框架，用于旗舰航天器、载人航天器、立方体卫星和 Raspberry Pi。 Core Flight System 7.0.0及之前版本存在缓冲区错误漏洞，该漏洞源于CCSDS Header Size Handler组件CFE_SB_TransmitMsg函数存在缺陷，可能导致内存损坏。

N/A

N/A