CVE-2022-1042 – Out-of-bound write vulnerability in the Bluetooth mesh core stack can be triggered during provisioning
https://notcve.org/view.php?id=CVE-2022-1042
In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning. En Zephyr bluetooth mesh core stack, puede desencadenarse una vulnerabilidad de escritura fuera de límites durante el aprovisionamiento. • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j7v7-w73r-mm5x • CWE-787: Out-of-bounds Write •
CVE-2022-1041 – Out-of-bound write vulnerability in the Bluetooth mesh core stack can be triggered during provisioning
https://notcve.org/view.php?id=CVE-2022-1041
In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning. En Zephyr bluetooth mesh core stack, puede desencadenarse una vulnerabilidad de escritura fuera de límites durante el aprovisionamiento. • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p449-9hv9-pj38 • CWE-787: Out-of-bounds Write •
CVE-2021-3435 – L2CAP: Information leakage in le_ecred_conn_req()
https://notcve.org/view.php?id=CVE-2021-3435
Information leakage in le_ecred_conn_req(). Zephyr versions >= v2.4.0 Use of Uninitialized Resource (CWE-908). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xhg3-gvj6-4rqh Un filtrado de información en la función le_ecred_conn_req(). Zephyr versiones posteriores a v2.4.0 incluyéndola, Uso de Recurso no Inicializado (CWE-908). Para más información, vea https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xhg3-gvj6-4rqh • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xhg3-gvj6-4rqh • CWE-908: Use of Uninitialized Resource •
CVE-2021-3434 – L2CAP: Stack based buffer overflow in le_ecred_conn_req()
https://notcve.org/view.php?id=CVE-2021-3434
Stack based buffer overflow in le_ecred_conn_req(). Zephyr versions >= v2.5.0 Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8w87-6rfp-cfrm Un desbordamiento del búfer en la región Stack de la memoria en la función le_ecred_conn_req(). Zephyr versiones posteriores a v2.5.0 incluyéndola, Desbordamiento del búfer en la región Stack de la memoria (CWE-121). Para más información, vea https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8w87-6rfp-cfrm • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8w87-6rfp-cfrm • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVE-2021-3433 – BT: Invalid channel map in CONNECT_IND results to Deadlock
https://notcve.org/view.php?id=CVE-2021-3433
Invalid channel map in CONNECT_IND results to Deadlock. Zephyr versions >= v2.5.0 Improper Check or Handling of Exceptional Conditions (CWE-703). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3c2f-w4v6-qxrp Un mapa de canales no válido en la función CONNECT_IND provoca un bloqueo. Zephyr versiones posteriores a v2.5.0 incluyéndola, Comprobación o Manejo Inapropiado de Condiciones Excepcionales (CWE-703). Para más información, vea https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3c2f-w4v6-qxrp • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3c2f-w4v6-qxrp • CWE-703: Improper Check or Handling of Exceptional Conditions •