Filtered by vendor Zephyrproject
Subscribe
Total
83 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-6442 | 1 Zephyrproject | 1 Zephyr | 2024-11-13 | N/A | 6.5 MEDIUM |
In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow. | |||||
CVE-2024-6444 | 1 Zephyrproject | 1 Zephyr | 2024-11-13 | N/A | 6.5 MEDIUM |
No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c. | |||||
CVE-2024-6443 | 1 Zephyrproject | 1 Zephyr | 2024-11-12 | N/A | 6.5 MEDIUM |
In utf8_trunc in zephyr/lib/utils/utf8.c, last_byte_p can point to one byte before the string pointer if the string is empty. | |||||
CVE-2023-1902 | 1 Zephyrproject | 1 Zephyr | 2024-11-07 | N/A | 8.0 HIGH |
The bluetooth HCI host layer logic not clearing a global reference to a state pointer after handling connection events may allow a malicious HCI Controller to cause the use of a dangling reference in the host layer, leading to a crash (DoS) or potential RCE on the Host layer. | |||||
CVE-2023-1901 | 1 Zephyrproject | 1 Zephyr | 2024-11-07 | N/A | 8.0 HIGH |
The bluetooth HCI host layer logic not clearing a global reference to a semaphore after synchronously sending HCI commands may allow a malicious HCI Controller to cause the use of a dangling reference in the host layer, leading to a crash (DoS) or potential RCE on the Host layer. | |||||
CVE-2024-5754 | 1 Zephyrproject | 1 Zephyr | 2024-09-19 | N/A | 6.5 MEDIUM |
BT: Encryption procedure host vulnerability | |||||
CVE-2024-6258 | 1 Zephyrproject | 1 Zephyr | 2024-09-19 | N/A | 6.5 MEDIUM |
BT: Missing length checks of net_buf in rfcomm_handle_data | |||||
CVE-2024-5931 | 1 Zephyrproject | 1 Zephyr | 2024-09-19 | N/A | 6.5 MEDIUM |
BT: Unchecked user input in bap_broadcast_assistant | |||||
CVE-2024-6135 | 1 Zephyrproject | 1 Zephyr | 2024-09-19 | N/A | 6.5 MEDIUM |
BT:Classic: Multiple missing buf length checks | |||||
CVE-2024-6259 | 1 Zephyrproject | 1 Zephyr | 2024-09-19 | N/A | 6.5 MEDIUM |
BT: HCI: adv_ext_report Improper discarding in adv_ext_report | |||||
CVE-2024-6137 | 1 Zephyrproject | 1 Zephyr | 2024-09-19 | N/A | 6.5 MEDIUM |
BT: Classic: SDP OOB access in get_att_search_list | |||||
CVE-2023-5055 | 1 Zephyrproject | 1 Zephyr | 2024-02-05 | N/A | 9.8 CRITICAL |
Possible variant of CVE-2021-3434 in function le_ecred_reconf_req. | |||||
CVE-2023-4424 | 1 Zephyrproject | 1 Zephyr | 2024-02-05 | N/A | 8.8 HIGH |
An malicious BLE device can cause buffer overflow by sending malformed advertising packet BLE device using Zephyr OS, leading to DoS or potential RCE on the victim BLE device. | |||||
CVE-2023-5139 | 1 Zephyrproject | 1 Zephyr | 2024-02-05 | N/A | 7.8 HIGH |
Potential buffer overflow vulnerability at the following location in the Zephyr STM32 Crypto driver | |||||
CVE-2023-5184 | 1 Zephyrproject | 1 Zephyr | 2024-02-05 | N/A | 8.8 HIGH |
Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers. | |||||
CVE-2023-4259 | 1 Zephyrproject | 1 Zephyr | 2024-02-05 | N/A | 8.8 HIGH |
Two potential buffer overflow vulnerabilities at the following locations in the Zephyr eS-WiFi driver source code. | |||||
CVE-2023-3725 | 1 Zephyrproject | 1 Zephyr | 2024-02-05 | N/A | 9.8 CRITICAL |
Potential buffer overflow vulnerability in the Zephyr CAN bus subsystem | |||||
CVE-2023-4264 | 1 Zephyrproject | 1 Zephyr | 2024-02-05 | N/A | 9.6 CRITICAL |
Potential buffer overflow vulnerabilities n the Zephyr Bluetooth subsystem. | |||||
CVE-2023-4263 | 1 Zephyrproject | 1 Zephyr | 2024-02-05 | N/A | 8.8 HIGH |
Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nRF 15.4 driver | |||||
CVE-2023-4260 | 1 Zephyrproject | 1 Zephyr | 2024-02-05 | N/A | 10.0 CRITICAL |
Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system. |