CVE-2026-5476
Integer Overflow in NASA cFS CFE_TBL_ValidateCodecLoadSize Function
Publication date: 2026-04-03
Last updated on: 2026-05-04
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| nasa | core_flight_system | to 7.0.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-189 | |
| CWE-190 | The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in NASA cFS up to version 7.0.0 on 32-bit systems. It affects the function CFE_TBL_ValidateCodecLoadSize in the file cfe/modules/tbl/fsw/src/cfe_tbl_passthru_codec.c. The issue is caused by an integer overflow due to manipulation.
Exploiting this vulnerability is considered difficult and requires a high level of complexity.
A fix for this vulnerability is planned for an upcoming version milestone of the project.
How can this vulnerability impact me? :
The vulnerability leads to an integer overflow, which can potentially cause unexpected behavior in the affected software.
Given the low CVSS scores (BaseScore 2.1 in v4.0 and 4.6 in v3.1) and the high complexity and difficulty to exploit, the impact is likely limited but could still affect confidentiality, integrity, and availability to a low degree.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves an integer overflow in the function CFE_TBL_ValidateCodecLoadSize within NASA cFS on 32-bit systems. Detection involves monitoring for abnormal table load commands that could trigger out-of-bounds memory writes.
Since exploitation requires ground operator command authority to issue table load commands, detection can focus on auditing and logging such commands for unusual or suspicious parameters, especially large Offset and NumBytes values that could cause overflow.
Specific commands to detect this vulnerability are not provided in the available resources. However, reviewing logs or telemetry for table load commands with Offset and NumBytes values near or exceeding 0xFFFFFF00 and 0x200 respectively could help identify attempts to exploit the overflow.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of the CVE-2026-5476 vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation involves restricting ground operator command authority to trusted personnel only, as exploitation requires issuing table load commands.
Additionally, monitoring and auditing table load commands for suspicious parameters can help prevent exploitation.
A software fix is planned that changes the arithmetic in CFE_TBL_ValidateCodecLoadSize to 64-bit addition to prevent overflow. Until this fix is applied, limiting command access and careful monitoring are the best immediate steps.