EUVD-2020-2523

Malware in sbrugna...

Zephyr Input Validation Error Vulnerability (CNVD-2020-35003)

Zephyr is an open source, small, scalable real-time operating system from the Linux Foundation. An input validation error vulnerability exists in the Kscan subsystem in Zephyr 2.1.0 and later fixed in version 2.2.0, which stems from the program failing to perform sufficient parameter validation...

CVE-2020-10058

Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions...

CVE-2020-10058

Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions...

Input validation

Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions...

CVE-2020-10058

CVE-2020-10058 affects Zephyr Project RTOS (Kscan subsystem). The issue arises from insufficient parameter validation in multiple Kscan syscalls, enabling a local user to potentially gain elevated privileges. Publicly documented details from CNVD-2020-35003 confirm Zephyr 2.1.0 and later are affe...