CVE-2020-35198 in Windriver and Oracle Products
Published on May 12, 2021
An issue was discovered in Wind River VxWorks 7. The memory allocator has a possible integer overflow in calculating a memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption.
Products Associated with CVE-2020-35198
stack.watch emails you whenever new vulnerabilities are published in Windriver Vxworks or Oracle Communications Eagle. Just hit a watch button to start following.
Exploit Probability
EPSS
2.10%
Percentile
83.84%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.