Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Zephyr
(Zephyrproject)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 105 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-11-15 | CVE-2024-11263 | When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols. | Zephyr | 8.4 | ||
| 2024-12-16 | CVE-2024-8798 | No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c. | Zephyr | 6.5 | ||
| 2024-02-18 | CVE-2023-6249 | Signed to unsigned conversion esp32_ipm_send | Zephyr | 9.8 | ||
| 2024-02-29 | CVE-2023-6881 | Possible buffer overflow in is_mount_point | Zephyr | 9.8 | ||
| 2024-03-29 | CVE-2024-3077 | An malicious BLE device can crash BLE victim device by sending malformed gatt packet | Zephyr | 6.5 | ||
| 2024-02-18 | CVE-2023-6749 | Unchecked length coming from user input in settings shell | Zephyr | 9.8 | ||
| 2024-02-18 | CVE-2023-5779 | can: out of bounds in remove_rx_filter function | Zephyr | 9.8 | ||
| 2024-02-19 | CVE-2024-1638 | The documentation specifies that the BT_GATT_PERM_READ_LESC and BT_GATT_PERM_WRITE_LESC defines for a Bluetooth characteristic: Attribute read/write permission with LE Secure Connection encryption. If set, requires that LE Secure Connections is used for read/write access, however this is only true when it is combined with other permissions, namely BT_GATT_PERM_READ_ENCRYPT/BT_GATT_PERM_READ_AUTHEN (for read) or BT_GATT_PERM_WRITE_ENCRYPT/BT_GATT_PERM_WRITE_AUTHEN (for write), if these... | Zephyr | 9.1 | ||
| 2021-05-25 | CVE-2020-13598 | FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat. Zephyr versions >= v1.14.2, >= v2.3.0 contain Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7fhv-rgxr-x56h | Zephyr | 7.8 | ||
| 2021-05-25 | CVE-2020-13599 | Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect Default Permissions (CWE-276). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q | Zephyr | 3.3 |