Samsung Tizenrt vulnerabilities

CVE-2022-40279 [HIGH] CWE-252 CVE-2022-40279: An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). l2_packet_receive_timeout An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). l2_packet_receive_timeout in wpa_supplicant/src/l2_packet/l2_packet_pcap.c has a missing check on the return value of pcap_dispatch, leading to a denial of service (malfunction).

CVE-2022-40278 [HIGH] CWE-416 CVE-2022-40278: An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provi An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_free after sqlite3_exec, leading to a denial of service.

CVE-2022-40280 [HIGH] CWE-772 CVE-2022-40280: An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provi An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_close after sqlite3_open_v2, leading to a denial of service.

CVE-2022-40281 [HIGH] CWE-401 CVE-2022-40281: An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in cu An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure.

CVE-2021-22684 [HIGH] CWE-190 CVE-2021-22684: Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc Tizen RT RTOS version 3.0.GBB is vulnerable to integer wrap-around in functions_calloc and mm_zalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash