Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zephyrproject vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv3
CVE-2022-0553
There is no check to see if slot 0 is being uploaded from the device to the host. When using encrypted images this means the unencrypted firmware can be retrieved easily.
Zephyrproject Zephyr
8
CVSSv3
CVE-2023-1901
The bluetooth HCI host layer logic not clearing a global reference to a semaphore after synchronously sending HCI commands may allow a malicious HCI Controller to cause the use of a dangling reference in the host layer, leading to a crash (DoS) or potential RCE on the Host layer....
Zephyrproject Zephyr
8
CVSSv3
CVE-2023-1902
The bluetooth HCI host layer logic not clearing a global reference to a state pointer after handling connection events may allow a malicious HCI Controller to cause the use of a dangling reference in the host layer, leading to a crash (DoS) or potential RCE on the Host layer.
Zephyrproject Zephyr
8.8
CVSSv3
CVE-2023-5184
Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers.
Zephyrproject Zephyr
7.5
CVSSv3
CVE-2023-0359
A missing nullptr-check in handle_ra_input can cause a nullptr-deref.
Zephyrproject Zephyr
6.8
CVSSv3
CVE-2023-0396
A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses.
Zephyrproject Zephyr
6.5
CVSSv3
CVE-2023-0397
A malicious / defect bluetooth controller can cause a Denial of Service due to unchecked input in le_read_buffer_size_complete.
Zephyrproject Zephyr
9.8
CVSSv3
CVE-2022-2993
There is an error in the condition of the last if-statement in the function smp_check_keys. It was rejecting current keys if all requirements were unmet.
Zephyrproject Zephyr
7.5
CVSSv3
CVE-2023-5563
The SJA1000 CAN controller driver backend automatically attempt to recover from a bus-off event when built with CONFIG_CAN_AUTO_BUS_OFF_RECOVERY=y. This results in calling k_sleep() in IRQ context, causing a fatal exception.
Zephyrproject Zephyr
8.8
CVSSv3
CVE-2023-2234
Union variant confusion allows any malicious BT controller to execute arbitrary code on the Zephyr host.
Zephyrproject Zephyr
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »