Show filters
103 Total Results
Displaying 1-10 of 103
Sort by:
Attacker Value
Unknown

CVE-2023-0779

Disclosure Date: May 30, 2023 (last updated October 08, 2023)
At the most basic level, an invalid pointer can be input that crashes the device, but with more knowledge of the device’s memory layout, further exploitation is possible.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
1
0
Attacker Value
Unknown

CVE-2024-10395

Disclosure Date: February 03, 2025 (last updated February 03, 2025)
No proper validation of the length of user input in http_server_get_content_type_from_extension.
0
0
Attacker Value
Unknown

CVE-2024-8798

Disclosure Date: December 16, 2024 (last updated February 04, 2025)
No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-11263

Disclosure Date: November 15, 2024 (last updated February 04, 2025)
When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols.
Attack Vector: LocalPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-6444

Disclosure Date: October 04, 2024 (last updated November 14, 2024)
No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-6443

Disclosure Date: October 04, 2024 (last updated November 13, 2024)
In utf8_trunc in zephyr/lib/utils/utf8.c, last_byte_p can point to one byte before the string pointer if the string is empty.
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-6442

Disclosure Date: October 04, 2024 (last updated November 14, 2024)
In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow.
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-6259

Disclosure Date: September 13, 2024 (last updated September 19, 2024)
BT: HCI: adv_ext_report Improper discarding in adv_ext_report
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-6137

Disclosure Date: September 13, 2024 (last updated September 19, 2024)
BT: Classic: SDP OOB access in get_att_search_list
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-6135

Disclosure Date: September 13, 2024 (last updated September 19, 2024)
BT:Classic: Multiple missing buf length checks
Attack Vector: Adjacent NetworkPrivileges: NoneUser Interaction: None
0
0
View More Topics  Next >