Zephyr Security Vulnerabilities and Issues — Zephyr CVE List

Lucene search

ZephyrprojectZephyr

4 matches found

CVE•added 2025/02/25 7:15 a.m.•67 views

CVE-2025-1673

A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash (denial of service) or an incorrect computation.

8.2CVSS7AI score0.00226EPSS

CVE•added 2025/02/25 8:15 a.m.•66 views

CVE-2025-1674

A lack of input validation allows for out of bounds reads caused by malicious or malformed packets.

8.2CVSS7.1AI score0.00111EPSS

CVE•added 2025/02/25 8:15 a.m.•57 views

CVE-2025-1675

The function dns_copy_qname in dns_pack.c performs performs a memcpy operation with an untrusted field and does not check if the source buffer is large enough to contain the copied data.

9.1CVSS7.2AI score0.00121EPSS

CVE•added 2025/08/04 2:15 a.m.•16 views

CVE-2025-20696

In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09915215; Issu...

6.8CVSS6.5AI score0.00012EPSS