Zephyrproject

Zephyr

157 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.22%
  • Veröffentlicht 28.06.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:21:30

Information leakage in le_ecred_conn_req(). Zephyr versions >= v2.4.0 Use of Uninitialized Resource (CWE-908). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xhg3-gvj6-4rqh

Exploit
  • EPSS 0.74%
  • Veröffentlicht 07.02.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:22:34

Buffer overflow in usb device class. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fm6v-8625-99jf

Exploit
  • EPSS 0.48%
  • Veröffentlicht 07.02.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:22:40

The RNDIS USB device class includes a buffer overflow vulnerability. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hvfp-w4h8-gxv...

  • EPSS 0.93%
  • Veröffentlicht 19.10.2021 23:15:07
  • Zuletzt bearbeitet 21.11.2024 06:21:34

Truncated L2CAP K-frame causes assertion failure. Zephyr versions >= 2.4.0, >= v.2.50 contain Improper Handling of Length Parameter Inconsistency (CWE-130), Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rto...

Exploit
  • EPSS 1.07%
  • Veröffentlicht 19.10.2021 23:15:07
  • Zuletzt bearbeitet 21.11.2024 06:21:34

Disconnecting L2CAP channel right after invalid ATT request leads freeze. Zephyr versions >= 2.4.0, >= 2.5.0 contain Use After Free (CWE-416). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7g38-3x9v-v...

Exploit
  • EPSS 0.53%
  • Veröffentlicht 12.10.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:21:17

Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr. Zephyr versions >= >=2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p86r-gc4r...

Exploit
  • EPSS 0.89%
  • Veröffentlicht 12.10.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:21:17

Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr. Zephyr versions >= >=2.4.0 contain Integer Underflow (Wrap or Wraparound) (CWE-191). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-89j...

Exploit
  • EPSS 0.59%
  • Veröffentlicht 12.10.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:21:18

RCE/DOS: Linked-list corruption leading to large out-of-bounds write while sorting for forged fragment list in Zephyr. Zephyr versions >= >=2.4.0 contain Out-of-bounds Write (CWE-787). For more information, see https://github.com/zephyrproject-rtos/z...

Exploit
  • EPSS 0.74%
  • Veröffentlicht 12.10.2021 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:21:17

Integer Underflow in Zephyr in IEEE 802154 Fragment Reassembly Header Removal. Zephyr versions >= >=2.4.0 contain Integer Overflow to Buffer Overflow (CWE-680). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisorie...

Exploit
  • EPSS 0.85%
  • Veröffentlicht 05.10.2021 21:15:09
  • Zuletzt bearbeitet 21.11.2024 06:21:16

DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses. Zephyr versions >= > v2.4.0 contain NULL Pointer Dereference (CWE-476), Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github...