4 matches found
CVE-2026-5072
A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTPMSGMANAGEMENT message to set an unvalidated negative logannounceinterval value in the port's data set. When a subsequent...
CVE-2026-5072 ptp: Potential Denial of Service via PTP Interval Shift
A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTPMSGMANAGEMENT message to set an unvalidated negative logannounceinterval value in the port's data set. When a subsequent...
CVE-2026-5072
CVE-2026-5072 affects Zephyr’s PTP subsystem. A remote attacker can send a crafted PTP_MSG_MANAGEMENT to set an unvalidated negative log_announce_interval in a port’s data set. When a subsequent PTP_MSG_ANNOUNCE is processed, port_timer_set_timeout_random computes timeout as NSEC_PER_SEC >>...
Zephyr 安全漏洞
Zephyr is an open-source, scalable real-time operating system RTOS developed by Zephyr. There is a security vulnerability in Zephyr, caused by a bit offset issue. A remote attacker can set an unvalidated negative value of logannounceinterval by sending a specially crafted PTPMSGMANAGEMENT message...