CVE-2017-7936

NONE EPSS 26.4%
Published Aug 7, 20178y ago · Modified Jun 17, 20262w ago
Find Similar
Published Aug 7, 2017 8y ago
Last Modified Jun 17, 2026 2w ago

Description

A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid VF6xx. When the device is configured in security enabled configuration, SDP could be used to download a small section of code to an unprotected region of memory.

Threat Intelligence

EPSS Exploit Probability
26.4% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 2

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety
CWE-121

Affected Products 54

VendorProductVersionRange
nxpvybrid_mvf30nn151cku26_firmware*any
nxpvybrid_mvf30nn151cku26*any
nxpvybrid_mvf30ns151cku26_firmware*any
nxpvybrid_mvf30ns151cku26*any
nxpvybrid_mvf50nn151cmk40_firmware*any
nxpvybrid_mvf50nn151cmk40*any
nxpvybrid_mvf50nn151cmk50_firmware*any
nxpvybrid_mvf50nn151cmk50*any
nxpvybrid_mvf50ns151cmk40_firmware*any
nxpvybrid_mvf50ns151cmk40*any
nxpvybrid_mvf50ns151cmk50_firmware*any
nxpvybrid_mvf50ns151cmk50*any
nxpvybrid_mvf51nn151cmk50_firmware*any
nxpvybrid_mvf51nn151cmk50*any
nxpvybrid_mvf51ns151cmk50_firmware*any
nxpvybrid_mvf51ns151cmk50*any
nxpvybrid_mvf60nn151cmk40_firmware*any
nxpvybrid_mvf60nn151cmk40*any
nxpvybrid_mvf60ns151cmk40_firmware*any
nxpvybrid_mvf60ns151cmk40*any
nxpvybrid_mvf60nn151cmk50_firmware*any
nxpvybrid_mvf60nn151cmk50*any
nxpvybrid_mvf60ns151cmk50_firmware*any
nxpvybrid_mvf60ns151cmk50*any
nxpvybrid_mvf61nn151cmk50_firmware*any
nxpvybrid_mvf61nn151cmk50*any
nxpvybrid_mvf61ns151cmk50_firmware*any
nxpvybrid_mvf61ns151cmk50*any
nxpvybrid_mvf62nn151cmk40_firmware*any
nxpvybrid_mvf62nn151cmk40*any
nxpi.mx_50_firmware*any
nxpi.mx_50*any
nxpi.mx_53_firmware*any
nxpi.mx_53*any
nxpi.mx_6ull_firmware*any
nxpi.mx_6ull*any
nxpi.mx_6ultralite_firmware*any
nxpi.mx_6ultralite*any
nxpi.mx_6sololite_firmware*any
nxpi.mx_6sololite*any
nxpi.mx_6solo_firmware*any
nxpi.mx_6solo*any
nxpi.mx_6duallite_firmware*any
nxpi.mx_6duallite*any
nxpi.mx_6solox_firmware*any
nxpi.mx_6solox*any
nxpi.mx_6dual_firmware*any
nxpi.mx_6dual*any
nxpi.mx_6quad_firmware*any
nxpi.mx_6quad*any
nxpi.mx_6quadplus_firmware*any
nxpi.mx_6quadplus*any
nxpi.mx_6dualplus_firmware*any
nxpi.mx_6dualplus*any

References 2

  • securityfocus.com http://www.securityfocus.com/bid/99966
    Third Party AdvisoryVDB Entry
  • ics-cert.us-cert.gov https://ics-cert.us-cert.gov/advisories/ICSA-17-152-02
    Third Party AdvisoryUS Government ResourceVDB Entry

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.