To be honest, I don't know how important these are in the sort of device that is likely to be running FreeRTOS.
"Remote code execution" would tend to need a either a highly standardized environment (execute system("/bin/sh -u root")) or a very specifically crafted attack for a particular device ("Increase centrifuge speed to 'self-destruct' by re-writing PWM register")
"Information leak" is likely to be the usual set of "we didn't clear the packet in between the end of the data we're sending and the end of a minimum-sized packet, so there might be "other" data there." (clearing memory is a particularly annoying performance sink in limited systems :-( ) Yawn.