CVE-2017-7936: Buffer Overflow
First published: Mon Aug 07 2017(Updated: )
A stack-based buffer overflow issue was discovered in NXP i.MX 50, i.MX 53, i.MX 6ULL, i.MX 6UltraLite, i.MX 6SoloLite, i.MX 6Solo, i.MX 6DualLite, i.MX 6SoloX, i.MX 6Dual, i.MX 6Quad, i.MX 6DualPlus, i.MX 6QuadPlus, Vybrid VF3xx, Vybrid VF5xx, and Vybrid VF6xx. When the device is configured in security enabled configuration, SDP could be used to download a small section of code to an unprotected region of memory.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NXP Vybrid MVF30NN151CKU26 | ||
| NXP Vybrid MVF30NN151CKU26 Firmware | ||
| NXP Vybrid MVF30NS151CKU26 Firmware | ||
| NXP Vybrid MVF30NS151CKU26 Firmware | ||
| NXP Vybrid MVF50NN151CMK40 | ||
| NXP Vybrid MVF50NN151CMK40 | ||
| Nxp Vybrid Mvf50nn151cmk50 | ||
| Nxp Vybrid Mvf50nn151cmk50 Firmware | ||
| NXP Vybrid MVF50NS151CMK40 | ||
| NXP Vybrid MVF50NS151CMK40 | ||
| Nxp Vybrid MVF50NS151CMK50 | ||
| NXP Vybrid MVF50NS151CMK50 | ||
| Nxp Vybrid Mvf51ns151cmk50 Firmware | ||
| NXP Vybrid MVF51NN151CMK50 Firmware | ||
| Nxp Vybrid Mvf51ns151cmk50 | ||
| Nxp Vybrid Mvf51ns151cmk50 Firmware | ||
| NXP Vybrid MVF60NN151CMK40 | ||
| Nxp Vybrid Mvf60nn151cmk40 Firmware | ||
| NXP Vybrid MVF60NS151CMK40 | ||
| NXP Vybrid MVF60NN151CMK40 | ||
| Nxp Vybrid MVF60NN151CMK50 | ||
| Nxp Vybrid MVF60NS151CMK50 | ||
| Nxp Vybrid MVF60NS151CMK50 | ||
| NXP Vybrid MVF50NS151CMK50 | ||
| Nxp Vybrid Mvf61nn151cmk50 | ||
| Nxp Vybrid Mvf61nn151cmk50 Firmware | ||
| Nxp Vybrid MVF61NS151CMK50 | ||
| NXP Vybrid MVF61NS151CMK50 | ||
| Nxp Vybrid Mvf62nn151cmk40 Firmware | ||
| Nxp Vybrid Mvf62nn151cmk40 Firmware | ||
| NXP i.MX 50 Firmware | ||
| NXP i.MX 50 Firmware | ||
| NXP i.MX 53 | ||
| NXP i.MX 53 Firmware | ||
| NXP i.MX 6 Firmware | ||
| NXP i.MX 6ULL Firmware | ||
| Nxp I.mx 6ultralite Firmware | ||
| Nxp I.mx 6ultralite Firmware | ||
| NXP i.MX 6SoloLite Firmware | ||
| NXP i.MX 6SoloLite Firmware | ||
| NXP i.MX 6 Firmware | ||
| NXP i.MX 6Solo | ||
| NXP i.MX 6DualLite | ||
| NXP i.MX 6DualLite Firmware | ||
| NXP i.MX 6 Firmware | ||
| NXP i.MX 6Solo Firmware | ||
| NXP i.MX 6DualLite | ||
| NXP i.MX 6Dual | ||
| NXP i.MX 6Quad Firmware | ||
| NXP i.MX 6Quad | ||
| NXP i.MX 6QuadPlus Firmware | ||
| NXP i.MX 6QuadPlus Firmware | ||
| NXP i.MX 6DualPlus Firmware | ||
| NXP i.MX 6DualPlus Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-7936?
CVE-2017-7936 has a high severity rating due to the potential for remote code execution through a stack-based buffer overflow.
How do I fix CVE-2017-7936?
To fix CVE-2017-7936, ensure that you update the affected NXP firmware to the latest patched version provided by the vendor.
What devices are affected by CVE-2017-7936?
CVE-2017-7936 affects various NXP devices including the i.MX 50, i.MX 53, and several Vybrid models.
What are the potential impacts of CVE-2017-7936?
The potential impacts of CVE-2017-7936 include unauthorized access, remote code execution, and denial of service on affected devices.
Is there a workaround for CVE-2017-7936?
There is no specific workaround for CVE-2017-7936; updating to a patched firmware version is the recommended action.
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/nxp
- canonical/nxp vybrid mvf30nn151cku26
- canonical/nxp vybrid mvf30nn151cku26 firmware
- canonical/nxp vybrid mvf30ns151cku26 firmware
- canonical/nxp vybrid mvf50nn151cmk40
- canonical/nxp vybrid mvf50nn151cmk50
- canonical/nxp vybrid mvf50nn151cmk50 firmware
- canonical/nxp vybrid mvf50ns151cmk40
- canonical/nxp vybrid mvf50ns151cmk50
- canonical/nxp vybrid mvf51ns151cmk50 firmware
- canonical/nxp vybrid mvf51nn151cmk50 firmware
- canonical/nxp vybrid mvf51ns151cmk50
- canonical/nxp vybrid mvf60nn151cmk40
- canonical/nxp vybrid mvf60nn151cmk40 firmware
- canonical/nxp vybrid mvf60ns151cmk40
- canonical/nxp vybrid mvf60nn151cmk50
- canonical/nxp vybrid mvf60ns151cmk50
- canonical/nxp vybrid mvf61nn151cmk50
- canonical/nxp vybrid mvf61nn151cmk50 firmware
- canonical/nxp vybrid mvf61ns151cmk50
- canonical/nxp vybrid mvf62nn151cmk40 firmware
- canonical/nxp i.mx 50 firmware
- canonical/nxp i.mx 53
- canonical/nxp i.mx 53 firmware
- canonical/nxp i.mx 6 firmware
- canonical/nxp i.mx 6ull firmware
- canonical/nxp i.mx 6ultralite firmware
- canonical/nxp i.mx 6sololite firmware
- canonical/nxp i.mx 6solo
- canonical/nxp i.mx 6duallite
- canonical/nxp i.mx 6duallite firmware
- canonical/nxp i.mx 6solo firmware
- canonical/nxp i.mx 6dual
- canonical/nxp i.mx 6quad firmware
- canonical/nxp i.mx 6quad
- canonical/nxp i.mx 6quadplus firmware
- canonical/nxp i.mx 6dualplus firmware