CVE-2022-2993
- EPSS 0.56%
- Veröffentlicht 09.12.2022 20:15:10
- Zuletzt bearbeitet 22.04.2025 18:15:49
There is an error in the condition of the last if-statement in the function smp_check_keys. It was rejecting current keys if all requirements were unmet.
CVE-2022-2741
- EPSS 0.59%
- Veröffentlicht 31.10.2022 18:15:13
- Zuletzt bearbeitet 21.11.2024 07:01:37
The denial-of-service can be triggered by transmitting a carefully crafted CAN frame on the same CAN network as the vulnerable node. The frame must have a CAN ID matching an installed filter in the vulnerable node (this can easily be guessed based on...
CVE-2022-1841
- EPSS 0.5%
- Veröffentlicht 31.08.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 06:41:35
In subsys/net/ip/tcp.c , function tcp_flags , when the incoming parameter flags is ECN or CWR , the buf will out-of-bounds write a byte zero.
CVE-2022-1041
- EPSS 0.82%
- Veröffentlicht 26.07.2022 05:15:07
- Zuletzt bearbeitet 21.11.2024 06:39:54
In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning.
CVE-2022-1042
- EPSS 0.77%
- Veröffentlicht 26.07.2022 05:15:07
- Zuletzt bearbeitet 21.11.2024 06:39:55
In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning.
CVE-2021-3430
- EPSS 0.83%
- Veröffentlicht 28.06.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 06:21:29
Assertion reachable with repeated LL_CONNECTION_PARAM_REQ. Zephyr versions >= v1.14 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr
CVE-2021-3431
- EPSS 0.83%
- Veröffentlicht 28.06.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 06:21:29
Assertion reachable with repeated LL_FEATURE_REQ. Zephyr versions >= v2.5.0 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7548-5m6f-mqv9
CVE-2021-3432
- EPSS 0.83%
- Veröffentlicht 28.06.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 06:21:29
Invalid interval in CONNECT_IND leads to Division by Zero. Zephyr versions >= v1.14.0 Divide By Zero (CWE-369). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7364-p4wc-8mj4
CVE-2021-3433
- EPSS 0.2%
- Veröffentlicht 28.06.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 06:21:29
Invalid channel map in CONNECT_IND results to Deadlock. Zephyr versions >= v2.5.0 Improper Check or Handling of Exceptional Conditions (CWE-703). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3c2f-w4v...
CVE-2021-3434
- EPSS 0.2%
- Veröffentlicht 28.06.2022 20:15:08
- Zuletzt bearbeitet 21.11.2024 06:21:30
Stack based buffer overflow in le_ecred_conn_req(). Zephyr versions >= v2.5.0 Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8w87-6rfp-cfrm