漏洞概览 标题 TinyOS <= 2.1.2 Global Buffer Overflow in printfUART 严重性 MEDIUM 日期 January 14, 2026 影响范围 TinyOS <= 2.1.2 CVE CVE-2026-22211 CWE CWE-787 Out-of-bounds Write CVSS CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N 参考 Researcher SecLists Disclosure TinyOS GitHub Repository 所属者 Ron Edgerson 描述 TinyOS versions up to and including 2.1.2 contain a global buffer overflow vulnerability in the printfUART formatted output implementation used within the ZigBee / IEEE 802.15.4 networking stack. The implementation formats output into a fixed-size global buffer and concatenates strings for %s format specifiers using strcat() without verifying remaining buffer capacity. When printfUART is invoked with a caller-controlled string longer than the available space, the unbounded sprintf/strcat sequence writes past the end of debugbuf, resulting in global memory corruption. This can cause denial of service, unintended behavior, or information disclosure via corrupted adjacent global state or UART output.