Zephyr@1.14.0 Security Vulnerabilities and Issues — Zephyr@1.14.0 CVE List

Lucene search

ZephyrprojectZephyr1.14.0

5 matches found

CVE•added 2020/05/11 11:15 p.m.•69 views

CVE-2020-10027

An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.

7.8CVSS7.8AI score0.00092EPSS

CVE•added 2020/05/11 11:15 p.m.•59 views

CVE-2020-10028

Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.

7.8CVSS7.7AI score0.00077EPSS

CVE•added 2022/06/28 8:15 p.m.•56 views

CVE-2021-3432

Invalid interval in CONNECT_IND leads to Division by Zero. Zephyr versions >= v1.14.0 Divide By Zero (CWE-369). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7364-p4wc-8mj4

7.5CVSS5.8AI score0.00389EPSS

CVE•added 2022/06/28 8:15 p.m.•54 views

CVE-2021-3430

Assertion reachable with repeated LL_CONNECTION_PARAM_REQ. Zephyr versions >= v1.14 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr

7.5CVSS7AI score0.00317EPSS

CVE•added 2021/10/05 9:15 p.m.•39 views

CVE-2021-3510

Zephyr JSON decoder incorrectly decodes array of array. Zephyr versions >= >1.14.0, >= >2.5.0 contain Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-289f-7mw3-2qf4

7.5CVSS7.5AI score0.00334EPSS