Vulnerabilities (CVE)

Filtered by vendor Zephyrproject Subscribe
Filtered by product Zephyr
Total 91 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-13600 1 Zephyrproject 1 Zephyr 2024-02-28 7.2 HIGH 7.6 HIGH
Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions >= 1.14.2, >= 2.3.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr
CVE-2020-10065 1 Zephyrproject 1 Zephyr 2024-02-28 5.8 MEDIUM 8.8 HIGH
Missing Size Checks in Bluetooth HCI over SPI. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Length Parameter Inconsistency (CWE-130). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hg2w-62p6-g67c
CVE-2021-3320 1 Zephyrproject 1 Zephyr 2024-02-28 5.0 MEDIUM 7.5 HIGH
Type Confusion in 802154 ACK Frames Handling. Zephyr versions >= v2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-27r3-rxch-2hm7
CVE-2020-10064 1 Zephyrproject 1 Zephyr 2024-02-28 7.5 HIGH 9.8 CRITICAL
Improper Input Frame Validation in ieee802154 Processing. Zephyr versions >= v1.14.2, >= v2.2.0 contain Stack-based Buffer Overflow (CWE-121), Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3gvq-h42f-v3c7
CVE-2020-13603 1 Zephyrproject 1 Zephyr 2024-02-28 4.6 MEDIUM 7.8 HIGH
Integer Overflow in memory allocating functions. Zephyr versions >= 1.14.2, >= 2.4.0 contain Integer Overflow or Wraparound (CWE-190). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94vp-8gc2-rm45
CVE-2020-13599 1 Zephyrproject 1 Zephyr 2024-02-28 2.1 LOW 3.3 LOW
Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect Default Permissions (CWE-276). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q
CVE-2020-13601 1 Zephyrproject 1 Zephyr 2024-02-28 7.5 HIGH 9.8 CRITICAL
Possible read out of bounds in dns read. Zephyr versions >= 1.14.2, >= 2.3.0 contain Out-of-bounds Read (CWE-125). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mm57-9hqw-qh44
CVE-2020-10072 1 Zephyrproject 1 Zephyr 2024-02-28 4.6 MEDIUM 5.3 MEDIUM
Improper Handling of Insufficient Permissions or Privileges in zephyr. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Insufficient Permissions or Privileges (CWE-280). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-vf79-hqwm-w4xc
CVE-2020-13602 1 Zephyrproject 1 Zephyr 2024-02-28 2.1 LOW 5.5 MEDIUM
Remote Denial of Service in LwM2M do_write_op_tlv. Zephyr versions >= 1.14.2, >= 2.2.0 contain Improper Input Validation (CWE-20), Loop with Unreachable Exit Condition ('Infinite Loop') (CWE-835). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-g9mg-fj58-6fqh
CVE-2020-10066 1 Zephyrproject 1 Zephyr 2024-02-28 3.3 LOW 5.7 MEDIUM
Incorrect Error Handling in Bluetooth HCI core. Zephyr versions >= v1.14.2, >= v2.2.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gc66-xfrc-24qr
CVE-2020-10071 1 Zephyrproject 1 Zephyr 2024-02-28 7.5 HIGH 9.8 CRITICAL
The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions.
CVE-2020-10024 1 Zephyrproject 1 Zephyr 2024-02-28 7.2 HIGH 7.8 HIGH
The arm platform-specific code uses a signed integer comparison when validating system call numbers. An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.
CVE-2020-10019 1 Zephyrproject 1 Zephyr 2024-02-28 4.6 MEDIUM 7.8 HIGH
USB DFU has a potential buffer overflow where the requested length (wLength) is not checked against the buffer size. This could be used by a malicious USB host to exploit the buffer overflow. See NCC-ZEP-002 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version 2.1.0 and later versions.
CVE-2020-10028 1 Zephyrproject 1 Zephyr 2024-02-28 4.6 MEDIUM 7.8 HIGH
Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.
CVE-2020-10059 1 Zephyrproject 1 Zephyr 2024-02-28 5.8 MEDIUM 4.8 MEDIUM
The UpdateHub module disables DTLS peer checking, which allows for a man in the middle attack. This is mitigated by firmware images requiring valid signatures. However, there is no benefit to using DTLS without the peer checking. See NCC-ZEP-018 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions.
CVE-2020-10060 1 Zephyrproject 1 Zephyr 2024-02-28 5.5 MEDIUM 6.5 MEDIUM
In updatehub_probe, right after JSON parsing is complete, objects\[1] is accessed from the output structure in two different places. If the JSON contained less than two elements, this access would reference unitialized stack memory. This could result in a crash, denial of service, or possibly an information leak. Provided the fix in CVE-2020-10059 is applied, the attack requires compromise of the server. See NCC-ZEP-030 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions. version 2.2.0 and later versions.
CVE-2020-10023 1 Zephyrproject 1 Zephyr 2024-02-28 4.6 MEDIUM 6.8 MEDIUM
The shell subsystem contains a buffer overflow, whereby an adversary with physical access to the device is able to cause a memory corruption, resulting in denial of service or possibly code execution within the Zephyr kernel. See NCC-NCC-019 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.
CVE-2020-10021 1 Zephyrproject 1 Zephyr 2024-02-28 4.6 MEDIUM 7.8 HIGH
Out-of-bounds Write in the USB Mass Storage memoryWrite handler with unaligned Sizes See NCC-ZEP-024, NCC-ZEP-025, NCC-ZEP-026 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version 2.1.0 and later versions.
CVE-2020-10027 1 Zephyrproject 1 Zephyr 2024-02-28 7.2 HIGH 7.8 HIGH
An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.
CVE-2020-10068 1 Zephyrproject 1 Zephyr 2024-02-28 3.3 LOW 6.5 MEDIUM
In the Zephyr project Bluetooth subsystem, certain duplicate and back-to-back packets can cause incorrect behavior, resulting in a denial of service. This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions, and version 1.14.0 and later versions.