CVE-2021-26461: Apache NuttX (incubating): malloc, realloc and memalign implementations are vulnerable to integer wrap-arounds

[Brennan Ashton <btashton () apache org>]

Description:

Apache Nuttx (incubating) versions prior to 10.1.0 are vulnerable to
integer wrap-around in functions malloc, realloc and memalign. This
improper memory assignment can lead to arbitrary memory allocation,
resulting in unexpected behavior such as a crash or a remote code
injection/execution. 

This issue is also known as BadAlloc

Credit:

Apache NuttX would like to thank Omri Ben-Bassat of Section 52 at Azure
Defender for IoT of Microsoft Corp for bringing this issue to our
attention.

--Brennan Ashton