Zephyr Security Vulnerabilities and Issues — Zephyr CVE List

Lucene search

ZephyrprojectZephyr

13 matches found

CVE•added 2022/12/12 1:50 a.m.•61 views

CVE-2022-2993

There is an error in the condition of the last if-statement in the function smp_check_keys. It was rejecting current keys if all requirements were unmet.

9.8CVSS9.3AI score0.00136EPSS

CVE•added 2022/10/31 6:15 p.m.•58 views

CVE-2022-2741

The denial-of-service can be triggered by transmitting a carefully crafted CAN frame on the same CAN network as the vulnerable node. The frame must have a CAN ID matching an installed filter in the vulnerable node (this can easily be guessed based on CAN traffic analyses). The frame must contain th...

8.2CVSS7.7AI score0.00092EPSS

CVE•added 2022/06/28 8:15 p.m.•57 views

CVE-2021-3434

Stack based buffer overflow in le_ecred_conn_req(). Zephyr versions >= v2.5.0 Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8w87-6rfp-cfrm

7.8CVSS6.8AI score0.00097EPSS

CVE•added 2022/06/28 8:15 p.m.•56 views

CVE-2021-3432

Invalid interval in CONNECT_IND leads to Division by Zero. Zephyr versions >= v1.14.0 Divide By Zero (CWE-369). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7364-p4wc-8mj4

7.5CVSS5.8AI score0.00389EPSS

CVE•added 2022/07/26 5:15 a.m.•56 views

CVE-2022-1041

In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning.

8.8CVSS8.6AI score0.00112EPSS

CVE•added 2022/06/28 8:15 p.m.•55 views

CVE-2021-3433

Invalid channel map in CONNECT_IND results to Deadlock. Zephyr versions >= v2.5.0 Improper Check or Handling of Exceptional Conditions (CWE-703). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3c2f-w4v6-qxrp

4CVSS4AI score0.00054EPSS

CVE•added 2022/06/28 8:15 p.m.•54 views

CVE-2021-3430

Assertion reachable with repeated LL_CONNECTION_PARAM_REQ. Zephyr versions >= v1.14 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr

7.5CVSS7AI score0.00317EPSS

CVE•added 2022/06/28 8:15 p.m.•54 views

CVE-2021-3431

Assertion reachable with repeated LL_FEATURE_REQ. Zephyr versions >= v2.5.0 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7548-5m6f-mqv9

7.5CVSS5.9AI score0.00389EPSS

CVE•added 2022/07/26 5:15 a.m.•52 views

CVE-2022-1042

In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning.

8.8CVSS8.6AI score0.00112EPSS

CVE•added 2022/06/28 8:15 p.m.•51 views

CVE-2021-3435

Information leakage in le_ecred_conn_req(). Zephyr versions >= v2.4.0 Use of Uninitialized Resource (CWE-908). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xhg3-gvj6-4rqh

4CVSS4AI score0.00054EPSS

CVE•added 2022/02/07 10:15 p.m.•50 views

CVE-2021-3835

Buffer overflow in usb device class. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fm6v-8625-99jf

8.8CVSS8.8AI score0.00116EPSS

CVE•added 2022/08/31 8:15 p.m.•47 views

CVE-2022-1841

In subsys/net/ip/tcp.c , function tcp_flags , when the incoming parameter flags is ECN or CWR , the buf will out-of-bounds write a byte zero.

7.2CVSS5.7AI score0.00231EPSS

CVE•added 2022/02/07 10:15 p.m.•46 views

CVE-2021-3861

The RNDIS USB device class includes a buffer overflow vulnerability. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hvfp-w4h8-gxvj

8.2CVSS7.2AI score0.00049EPSS