zephyr 安全漏洞

Zephyr is an extensible real-time operating system RTOS open-sourced by the Zephyr Project. A security vulnerability exists in zephyr that stems from its failure to check if slot 0 is uploaded from the device to the host resulting in unencrypted firmware that can be easily retrieved when an...

CVE-2022-24778

A flaw was found in the imgcrypt library when checking the keys of an authorized user to access an encrypted image on systems where layers are not available and cannot run on the host architecture. This flaw allows an attacker to run an image without providing the previously decrypted keys...