Vulnerabilities (CVE)

Filtered by vendor Zephyrproject Subscribe
Filtered by product Zephyr
Total 61 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-0397 1 Zephyrproject 1 Zephyr 2023-01-25 N/A 6.5 MEDIUM
A malicious / defect bluetooth controller can cause a Denial of Service due to unchecked input in le_read_buffer_size_complete.
CVE-2022-0553 1 Zephyrproject 1 Zephyr 2023-01-18 N/A 4.6 MEDIUM
There is no check to see if slot 0 is being uploaded from the device to the host. When using encrypted images this means the unencrypted firmware can be retrieved easily.
CVE-2021-3966 1 Zephyrproject 1 Zephyr 2023-01-18 N/A 8.8 HIGH
usb device bluetooth class includes a buffer overflow related to implementation of net_buf_add_mem.
CVE-2022-2993 1 Zephyrproject 1 Zephyr 2022-12-12 N/A 9.8 CRITICAL
There is an error in the condition of the last if-statement in the function smp_check_keys. It was rejecting current keys if all requirements were unmet.
CVE-2022-2741 1 Zephyrproject 1 Zephyr 2022-11-01 N/A 7.5 HIGH
The denial-of-service can be triggered by transmitting a carefully crafted CAN frame on the same CAN network as the vulnerable node. The frame must have a CAN ID matching an installed filter in the vulnerable node (this can easily be guessed based on CAN traffic analyses). The frame must contain the opposite RTR bit as what the filter installed in the vulnerable node contains (if the filter matches RTR frames, the frame must be a data frame or vice versa).
CVE-2021-3319 1 Zephyrproject 1 Zephyr 2022-10-25 7.5 HIGH 9.8 CRITICAL
DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses. Zephyr versions >= > v2.4.0 contain NULL Pointer Dereference (CWE-476), Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94jg-2p6q-5364
CVE-2022-1841 1 Zephyrproject 1 Zephyr 2022-09-07 N/A 5.3 MEDIUM
In subsys/net/ip/tcp.c , function tcp_flags , when the incoming parameter flags is ECN or CWR , the buf will out-of-bounds write a byte zero.
CVE-2022-1042 1 Zephyrproject 1 Zephyr 2022-08-03 N/A 8.8 HIGH
In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning.
CVE-2022-1041 1 Zephyrproject 1 Zephyr 2022-08-02 N/A 8.8 HIGH
In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning.
CVE-2021-3435 1 Zephyrproject 1 Zephyr 2022-07-08 2.1 LOW 3.3 LOW
Information leakage in le_ecred_conn_req(). Zephyr versions >= v2.4.0 Use of Uninitialized Resource (CWE-908). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xhg3-gvj6-4rqh
CVE-2021-3434 1 Zephyrproject 1 Zephyr 2022-07-08 4.6 MEDIUM 7.8 HIGH
Stack based buffer overflow in le_ecred_conn_req(). Zephyr versions >= v2.5.0 Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8w87-6rfp-cfrm
CVE-2021-3433 1 Zephyrproject 1 Zephyr 2022-07-08 2.1 LOW 3.3 LOW
Invalid channel map in CONNECT_IND results to Deadlock. Zephyr versions >= v2.5.0 Improper Check or Handling of Exceptional Conditions (CWE-703). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3c2f-w4v6-qxrp
CVE-2021-3432 1 Zephyrproject 1 Zephyr 2022-07-08 5.0 MEDIUM 7.5 HIGH
Invalid interval in CONNECT_IND leads to Division by Zero. Zephyr versions >= v1.14.0 Divide By Zero (CWE-369). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7364-p4wc-8mj4
CVE-2021-3431 1 Zephyrproject 1 Zephyr 2022-07-08 5.0 MEDIUM 7.5 HIGH
Assertion reachable with repeated LL_FEATURE_REQ. Zephyr versions >= v2.5.0 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7548-5m6f-mqv9
CVE-2021-3430 1 Zephyrproject 1 Zephyr 2022-07-08 5.0 MEDIUM 7.5 HIGH
Assertion reachable with repeated LL_CONNECTION_PARAM_REQ. Zephyr versions >= v1.14 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr
CVE-2022-1822 1 Zephyrproject 1 Zephyr 2022-06-21 4.3 MEDIUM 6.1 MEDIUM
The Zephyr Project Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘project’ parameter in versions up to, and including, 3.2.40 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
CVE-2020-13598 1 Zephyrproject 1 Zephyr 2022-04-26 4.6 MEDIUM 7.8 HIGH
FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat. Zephyr versions >= v1.14.2, >= v2.3.0 contain Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7fhv-rgxr-x56h
CVE-2020-13599 1 Zephyrproject 1 Zephyr 2022-04-06 2.1 LOW 3.3 LOW
Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect Default Permissions (CWE-276). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q
CVE-2021-3861 1 Zephyrproject 1 Zephyr 2022-02-11 7.2 HIGH 6.8 MEDIUM
The RNDIS USB device class includes a buffer overflow vulnerability. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hvfp-w4h8-gxvj
CVE-2021-3835 1 Zephyrproject 1 Zephyr 2022-02-11 5.8 MEDIUM 8.8 HIGH
Buffer overflow in usb device class. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fm6v-8625-99jf