Lucene search
ZephyrCVE-2022-1841HistoryAug 31, 2022 - 8:15 p.m.
CVE-2022-1841
2022-08-3120:15:08
CWE-787
zephyr
web.nvd.nist.gov
35
10
cve-2022-1841
subsys
net
ip
tcp.c
function
tcp_flags
ecn
cwr
out-of-bounds write
nvd
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
EPSS
0.001
Percentile
31.3%
In subsys/net/ip/tcp.c , function tcp_flags , when the incoming parameter flags is ECN or CWR , the buf will out-of-bounds write a byte zero.
Affected configurations
Node
zephyrprojectzephyrRange≤3.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| zephyrproject | zephyr | * | cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "zephyr",
"vendor": "zephyrproject-rtos",
"versions": [
{
"lessThanOrEqual": "v3.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Social References
More
Related
cnvd
cnvd
Zepher Project zephyr has a binary vulnerability
2022-09-07 00:00:00
nvd
nvd
CVE-2022-1841
2022-08-31 20:15:08
prion
prion
Out-of-bounds
2022-08-31 20:15:00
cvelist
cvelist
CVE-2022-1841 Out-of-bound write in tcp_flags
2022-08-31 19:40:08
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
EPSS
0.001
Percentile
31.3%
Related for CVE-2022-1841