Flipper Zero Firmware Stack Overflow Vulnerability in Main Function

Vulnerability

A stack overflow vulnerability has been identified in the main function of the Flipper Zero firmware. The issue arises from a fixed stack allocation of 1024 bytes, which is insufficient for certain execution scenarios that may require up to 1464 bytes. The vulnerability was introduced in commit ad2a80 and potentially affects earlier versions as well.

Impact

Exploitation of this vulnerability can lead to a system crash or undefined behavior.

Reproduction

The vulnerability can be reproduced by enabling stack usage analysis in the build process. After building the firmware with the appropriate configuration, the generated stack usage files will reveal that the main function's call chain exceeds the allocated stack size, particularly under conditions where a crash is handled.
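
The check described above can be scripted; the following is an added example, not code from the Flipper Zero project or from this advisory. It assumes the stack usage files are in the `.su` format that GCC writes with `-fstack-usage`. The function names, frame sizes and call graph are constructed for illustration, chosen so that the crash-handling path reaches the 1464 bytes quoted above.

```python
"""Check a call chain's worst-case stack depth against a fixed stack budget."""
STACK_BUDGET = 1024  # bytes allocated for main, per the advisory

# Constructed sample in GCC .su format: file:line:col:function<TAB>bytes<TAB>qualifier
SAMPLE_SU = (
    "main.c:40:5:main\t264\tstatic\n"
    "main.c:12:13:init_services\t360\tstatic\n"
    "check.c:88:6:crash_handler\t512\tstatic\n"
    "check.c:30:13:dump_registers\t688\tdynamic,bounded\n"
    "log.c:17:6:log_line\t200\tstatic\n"
)
# Constructed call graph (caller -> callees); .su files do not record call edges.
SAMPLE_CALLS = {
    "main": ["init_services", "crash_handler"],
    "init_services": ["log_line"],
    "crash_handler": ["dump_registers", "log_line"],
}

def parse_su(text):
    """Return {function: (frame_bytes, qualifier)} from .su file contents."""
    frames = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        location, size, qualifier = line.rsplit("\t", 2)
        frames[location.split(":", 3)[3]] = (int(size), qualifier)
    return frames

def worst_path(func, frames, calls, seen=()):
    """Return (bytes, path) of the deepest chain starting at func."""
    if func in seen:
        raise ValueError(f"recursion through {func}: depth is unbounded")
    own = frames.get(func, (0, "unknown"))[0]  # no .su entry counts as 0
    best = (own, [func])
    for callee in calls.get(func, []):
        depth, path = worst_path(callee, frames, calls, seen + (func,))
        if own + depth > best[0]:
            best = (own + depth, [func] + path)
    return best

def check(entry, su_text, calls, budget=STACK_BUDGET):
    """Compare the worst-case depth from entry with the stack budget."""
    depth, path = worst_path(entry, parse_su(su_text), calls)
    return {"depth": depth, "path": path, "overflow": max(0, depth - budget)}

if __name__ == "__main__":
    r = check("main", SAMPLE_SU, SAMPLE_CALLS)
    print(" -> ".join(r["path"]), f"{r['depth']} B, over budget by {r['overflow']} B")
```

In the constructed data the ordinary path stays within the 1024-byte budget and only the crash-handling path exceeds it, which is why such an overflow does not show up in normal operation. Interrupt frames that land on the same stack are not counted here and would add to the result.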

Remediation

The vulnerability has been addressed in a subsequent commit by increasing the stack allocation for the main function to a safer level.

Added: May 1, 2026, 7:23 PM
Updated: May 1, 2026, 7:23 PM

Vulnerability Rating

Custom Algorithm

spread: 4.2
impact: 3.1
exploitability: 3.6
remediation: 0.0
relevance: 7.2
threat: 1.6
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.