CVE-2018-1000800

zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in sys_ring_buf_put(), sys_ring_buf_get() that can result in CPU Page Fault (error code 0x00000010). This attack appear to be exploitable via a malicious application call the vulnerable kernel APIs (system sys_ring_buf_get() and sys_ring_buf_put).
References
Link Resource
https://github.com/zephyrproject-rtos/zephyr/issues/7638 Exploit Third Party Advisory
https://github.com/zephyrproject-rtos/zephyr/issues/7638 Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:zephyrproject:zephyr:1.12.0:*:*:*:*:*:*:*

History

21 Nov 2024, 03:40

Type Values Removed Values Added
References () https://github.com/zephyrproject-rtos/zephyr/issues/7638 - Exploit, Third Party Advisory () https://github.com/zephyrproject-rtos/zephyr/issues/7638 - Exploit, Third Party Advisory

Information

Published : 2018-09-06 17:29

Updated : 2024-11-21 03:40


NVD link : CVE-2018-1000800

Mitre link : CVE-2018-1000800

CVE.ORG link : CVE-2018-1000800


JSON object : View

Products Affected

zephyrproject

  • zephyr
CWE
CWE-476

NULL Pointer Dereference