Zephyr Security Vulnerabilities and Issues — Zephyr CVE List

Lucene search

ZephyrprojectZephyr

5 matches found

CVE•added 2023/01/25 2:2 a.m.•57 views

CVE-2023-0396

A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses.

6.8CVSS6.8AI score0.00047EPSS

CVE•added 2023/01/19 6:15 a.m.•40 views

CVE-2023-0397

A malicious / defect bluetooth controller can cause a Denial of Service due to unchecked input in le_read_buffer_size_complete.

9.6CVSS6.7AI score0.00031EPSS

CVE•added 2023/01/11 5:15 a.m.•34 views

CVE-2021-3966

usb device bluetooth class includes a buffer overflow related to implementation of net_buf_add_mem.

9.6CVSS9AI score0.00055EPSS

CVE•added 2023/01/25 2:1 a.m.•34 views

CVE-2022-3806

Inconsistent handling of error cases in bluetooth hci may lead to a double free condition of a network buffer.

9.8CVSS9.5AI score0.00098EPSS

CVE•added 2023/01/11 4:15 a.m.•33 views

CVE-2022-0553

There is no check to see if slot 0 is being uploaded from the device to the host. When using encrypted images this means the unencrypted firmware can be retrieved easily.

6.5CVSS5AI score0.00021EPSS