Total
91 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-13600 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 7.2 HIGH | 7.6 HIGH |
Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions >= 1.14.2, >= 2.3.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr | |||||
CVE-2020-10065 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 5.8 MEDIUM | 8.8 HIGH |
Missing Size Checks in Bluetooth HCI over SPI. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Length Parameter Inconsistency (CWE-130). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hg2w-62p6-g67c | |||||
CVE-2021-3320 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Type Confusion in 802154 ACK Frames Handling. Zephyr versions >= v2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-27r3-rxch-2hm7 | |||||
CVE-2020-10064 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Improper Input Frame Validation in ieee802154 Processing. Zephyr versions >= v1.14.2, >= v2.2.0 contain Stack-based Buffer Overflow (CWE-121), Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3gvq-h42f-v3c7 | |||||
CVE-2020-13603 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Integer Overflow in memory allocating functions. Zephyr versions >= 1.14.2, >= 2.4.0 contain Integer Overflow or Wraparound (CWE-190). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94vp-8gc2-rm45 | |||||
CVE-2020-13599 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 2.1 LOW | 3.3 LOW |
Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect Default Permissions (CWE-276). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q | |||||
CVE-2020-13601 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Possible read out of bounds in dns read. Zephyr versions >= 1.14.2, >= 2.3.0 contain Out-of-bounds Read (CWE-125). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mm57-9hqw-qh44 | |||||
CVE-2020-10072 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 4.6 MEDIUM | 5.3 MEDIUM |
Improper Handling of Insufficient Permissions or Privileges in zephyr. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Insufficient Permissions or Privileges (CWE-280). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-vf79-hqwm-w4xc | |||||
CVE-2020-13602 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Remote Denial of Service in LwM2M do_write_op_tlv. Zephyr versions >= 1.14.2, >= 2.2.0 contain Improper Input Validation (CWE-20), Loop with Unreachable Exit Condition ('Infinite Loop') (CWE-835). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-g9mg-fj58-6fqh | |||||
CVE-2020-10066 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 3.3 LOW | 5.7 MEDIUM |
Incorrect Error Handling in Bluetooth HCI core. Zephyr versions >= v1.14.2, >= v2.2.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gc66-xfrc-24qr | |||||
CVE-2020-10071 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions. | |||||
CVE-2020-10024 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
The arm platform-specific code uses a signed integer comparison when validating system call numbers. An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions. | |||||
CVE-2020-10019 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
USB DFU has a potential buffer overflow where the requested length (wLength) is not checked against the buffer size. This could be used by a malicious USB host to exploit the buffer overflow. See NCC-ZEP-002 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version 2.1.0 and later versions. | |||||
CVE-2020-10028 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions. | |||||
CVE-2020-10059 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 5.8 MEDIUM | 4.8 MEDIUM |
The UpdateHub module disables DTLS peer checking, which allows for a man in the middle attack. This is mitigated by firmware images requiring valid signatures. However, there is no benefit to using DTLS without the peer checking. See NCC-ZEP-018 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions. | |||||
CVE-2020-10060 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 5.5 MEDIUM | 6.5 MEDIUM |
In updatehub_probe, right after JSON parsing is complete, objects\[1] is accessed from the output structure in two different places. If the JSON contained less than two elements, this access would reference unitialized stack memory. This could result in a crash, denial of service, or possibly an information leak. Provided the fix in CVE-2020-10059 is applied, the attack requires compromise of the server. See NCC-ZEP-030 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions. version 2.2.0 and later versions. | |||||
CVE-2020-10023 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 4.6 MEDIUM | 6.8 MEDIUM |
The shell subsystem contains a buffer overflow, whereby an adversary with physical access to the device is able to cause a memory corruption, resulting in denial of service or possibly code execution within the Zephyr kernel. See NCC-NCC-019 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions. | |||||
CVE-2020-10021 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Out-of-bounds Write in the USB Mass Storage memoryWrite handler with unaligned Sizes See NCC-ZEP-024, NCC-ZEP-025, NCC-ZEP-026 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version 2.1.0 and later versions. | |||||
CVE-2020-10027 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions. | |||||
CVE-2020-10068 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | 3.3 LOW | 6.5 MEDIUM |
In the Zephyr project Bluetooth subsystem, certain duplicate and back-to-back packets can cause incorrect behavior, resulting in a denial of service. This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions, and version 1.14.0 and later versions. |