Show filters
129 Total Results
Displaying 81-90 of 129
Sort by:
Attacker Value
Unknown
CVE-2021-3455
Disclosure Date: June 19, 2021 (last updated February 23, 2025)
Disconnecting L2CAP channel right after invalid ATT request leads freeze. Zephyr versions >= 2.4.0, >= 2.5.0 contain Use After Free (CWE-416). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7g38-3x9v-v7vp
0
Attacker Value
Unknown
CVE-2021-3436
Disclosure Date: June 11, 2021 (last updated February 23, 2025)
BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known. Zephyr versions >= 1.14.2, >= 2.4.0, >= 2.5.0 contain Use of Multiple Resources with Duplicate Identifier (CWE-694). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j76f-35mc-4h63
0
Attacker Value
Unknown
CVE-2021-3454
Disclosure Date: May 24, 2021 (last updated February 23, 2025)
Truncated L2CAP K-frame causes assertion failure. Zephyr versions >= 2.4.0, >= v.2.50 contain Improper Handling of Length Parameter Inconsistency (CWE-130), Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx88-6c29-vrp3
0
Attacker Value
Unknown
CVE-2021-3322
Disclosure Date: April 21, 2021 (last updated February 23, 2025)
Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr. Zephyr versions >= >=2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p86r-gc4r-4mq3
0
Attacker Value
Unknown
CVE-2021-3330
Disclosure Date: April 20, 2021 (last updated February 23, 2025)
RCE/DOS: Linked-list corruption leading to large out-of-bounds write while sorting for forged fragment list in Zephyr. Zephyr versions >= >=2.4.0 contain Out-of-bounds Write (CWE-787). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fj4r-373f-9456
0
Attacker Value
Unknown
CVE-2021-3321
Disclosure Date: April 14, 2021 (last updated February 23, 2025)
Integer Underflow in Zephyr in IEEE 802154 Fragment Reassembly Header Removal. Zephyr versions >= >=2.4.0 contain Integer Overflow to Buffer Overflow (CWE-680). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-w44j-66g7-xw99
0
Attacker Value
Unknown
CVE-2021-3323
Disclosure Date: April 14, 2021 (last updated February 23, 2025)
Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr. Zephyr versions >= >=2.4.0 contain Integer Underflow (Wrap or Wraparound) (CWE-191). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-89j6-qpxf-pfpc
0
Attacker Value
Unknown
CVE-2021-3320
Disclosure Date: April 14, 2021 (last updated February 22, 2025)
Type Confusion in 802154 ACK Frames Handling. Zephyr versions >= v2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-27r3-rxch-2hm7
0
Attacker Value
Unknown
CVE-2020-13601
Disclosure Date: November 18, 2020 (last updated February 22, 2025)
Possible read out of bounds in dns read. Zephyr versions >= 1.14.2, >= 2.3.0 contain Out-of-bounds Read (CWE-125). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mm57-9hqw-qh44
0
Attacker Value
Unknown
CVE-2020-13600
Disclosure Date: October 07, 2020 (last updated February 22, 2025)
Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions >= 1.14.2, >= 2.3.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr
0
