3 matches found
Buffer overflow
USB DFU has a potential buffer overflow where the requested length wLength is not checked against the buffer size. This could be used by a malicious USB host to exploit the buffer overflow. See NCC-ZEP-002 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version...
CVE-2020-10019
CVE-2020-10019 describes a buffer overflow in Zephyr’s USB DFU path. The flaw occurs when the requested length (wLength) is not validated against the destination buffer size, enabling exploitation by a USB host. Affected products are Zephyr RTOS releases 1.14.1 and later, and 2.1.0 and later. The...
CVE-2020-10019 Buffer Overflow in USB DFU requested length
USB DFU has a potential buffer overflow where the requested length wLength is not checked against the buffer size. This could be used by a malicious USB host to exploit the buffer overflow. See NCC-ZEP-002 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version...