Zephyr Security Vulnerabilities and Issues — Zephyr CVE List | Vulners.com

Lucene search

K

ZephyrprojectZephyr

20 matches found

CVE•added 2024/02/19 10:15 p.m.•73 views

CVE-2024-1638

The documentation specifies that the BT_GATT_PERM_READ_LESC and BT_GATT_PERM_WRITE_LESC defines for a Bluetooth characteristic: Attribute read/write permission with LE Secure Connection encryption. If set, requires that LE Secure Connections is used for read/write access, however this is only true ...

9.1CVSS8.2AI score0.00217EPSS

CVE•added 2024/11/15 11:15 p.m.•56 views

CVE-2024-11263

When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols.

9.3CVSS9.3AI score0.0003EPSS

CVE•added 2024/03/15 7:15 p.m.•53 views

CVE-2023-7060

Zephyr OS IP packet handling does not properly drop IP packets arriving on an external interface with a source address equal to 127.0.01 or the destination address.

8.6CVSS8.6AI score0.00195EPSS

CVE•added 2024/03/29 5:15 a.m.•48 views

CVE-2024-3077

An malicious BLE device can crash BLE victim device by sending malformed gatt packet

6.8CVSS6.6AI score0.00193EPSS

CVE•added 2024/09/13 9:15 p.m.•48 views

CVE-2024-6259

BT: HCI: adv_ext_report Improper discarding in adv_ext_report

7.6CVSS6.9AI score0.00077EPSS

CVE•added 2024/09/13 8:15 p.m.•46 views

CVE-2024-5931

BT: Unchecked user input in bap_broadcast_assistant

6.5CVSS6.3AI score0.00077EPSS

CVE•added 2024/09/13 8:15 p.m.•46 views

CVE-2024-6135

BT:Classic: Multiple missing buf length checks

7.6CVSS7AI score0.00077EPSS

CVE•added 2024/07/03 5:15 p.m.•44 views

CVE-2024-3332

A malicious BLE device can send a specific order of packet sequence to cause a DoS attack on the victim BLE device

6.5CVSS6.4AI score0.0011EPSS

CVE•added 2024/08/19 10:15 p.m.•43 views

CVE-2024-4785

BT: Missing Check in LL_CONNECTION_UPDATE_IND Packet Leads to Division by Zero

7.6CVSS6.9AI score0.0009EPSS

CVE•added 2024/10/04 6:15 a.m.•42 views

CVE-2024-6442

In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow.

6.5CVSS6.3AI score0.00067EPSS

CVE•added 2024/02/18 8:15 a.m.•41 views

CVE-2023-6249

Signed to unsigned conversion esp32_ipm_send

9.8CVSS7.8AI score0.00233EPSS

CVE•added 2024/09/13 8:15 p.m.•41 views

CVE-2024-6137

BT: Classic: SDP OOB access in get_att_search_list

7.6CVSS6.9AI score0.00083EPSS

CVE•added 2024/10/04 7:15 a.m.•41 views

CVE-2024-6444

No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.

6.5CVSS6.3AI score0.00067EPSS

CVE•added 2024/12/16 12:15 a.m.•41 views

CVE-2024-8798

No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.

7.5CVSS7.5AI score0.00202EPSS

CVE•added 2024/02/18 8:15 a.m.•40 views

CVE-2023-5779

can: out of bounds in remove_rx_filter function

9.8CVSS4.8AI score0.00095EPSS

CVE•added 2024/09/13 7:15 p.m.•40 views

CVE-2024-6258

BT: Missing length checks of net_buf in rfcomm_handle_data

6.8CVSS6.5AI score0.00078EPSS

CVE•added 2024/09/13 7:15 p.m.•38 views

CVE-2024-5754

BT: Encryption procedure host vulnerability

8.2CVSS7.3AI score0.00041EPSS

CVE•added 2024/10/04 6:15 a.m.•38 views

CVE-2024-6443

In utf8_trunc in zephyr/lib/utils/utf8.c, last_byte_p can point to one byte before the string pointer if the string is empty.

6.5CVSS6.3AI score0.00073EPSS

CVE•added 2024/02/18 7:15 a.m.•32 views

CVE-2023-6749

Unchecked length coming from user input in settings shell

9.8CVSS7.9AI score0.00233EPSS

CVE•added 2024/02/29 1:42 a.m.•27 views

CVE-2023-6881

Possible buffer overflow in is_mount_point

9.8CVSS7.4AI score0.00323EPSS