Amazon Web Services (AWS) FreeRTOS security advisory – Dec 2018

Preface: A Real-Time Operating System is a Necessity for IoT.

FreeRTOS is a real-time operating system kernel for embedded devices that has been ported to 35 microcontroller platforms. It is distributed under the MIT License.

Amazon Web Services (AWS) FreeRTOS vulnerabilities checklist:

CVE-2018-16522 Remote code execution

CVE-2018-16525 Remote code execution

CVE-2018-16526 Remote code execution

CVE-2018-16528 Remote code execution

CVE-2018-16523 Denial of service

CVE-2018-16524 Information leak

CVE-2018-16527 Information leak

CVE-2018-16599 Information leak

CVE-2018-16600 Information leak

CVE-2018-16601 Information leak

CVE-2018-16602 Information leak

CVE-2018-16603 Information leak

CVE-2018-16598 Other

Relevant Operating Systems: FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), AWS FreeRTOS up to V1.3.1, WHIS OpenRTOS and SafeRTOS

Comment: Stay alert!