CVE-2022-1841 – Out-of-bound write in tcp_flags
https://notcve.org/view.php?id=CVE-2022-1841
In subsys/net/ip/tcp.c , function tcp_flags , when the incoming parameter flags is ECN or CWR , the buf will out-of-bounds write a byte zero. En el archivo subsys/net/ip/tcp.c, la función tcp_flags , cuando el parámetro entrante flags es ECN o CWR , el buf escribirá fuera de límites un byte cero • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5c3j-p8cr-2pgh • CWE-787: Out-of-bounds Write •
CVE-2022-1042 – Out-of-bound write vulnerability in the Bluetooth mesh core stack can be triggered during provisioning
https://notcve.org/view.php?id=CVE-2022-1042
In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning. En Zephyr bluetooth mesh core stack, puede desencadenarse una vulnerabilidad de escritura fuera de límites durante el aprovisionamiento. • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j7v7-w73r-mm5x • CWE-787: Out-of-bounds Write •
CVE-2022-1041 – Out-of-bound write vulnerability in the Bluetooth mesh core stack can be triggered during provisioning
https://notcve.org/view.php?id=CVE-2022-1041
In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning. En Zephyr bluetooth mesh core stack, puede desencadenarse una vulnerabilidad de escritura fuera de límites durante el aprovisionamiento. • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p449-9hv9-pj38 • CWE-787: Out-of-bounds Write •
CVE-2021-3432 – BT: Invalid interval in CONNECT_IND leads to Division by Zero
https://notcve.org/view.php?id=CVE-2021-3432
Invalid interval in CONNECT_IND leads to Division by Zero. Zephyr versions >= v1.14.0 Divide By Zero (CWE-369). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7364-p4wc-8mj4 Un intervalo no válido en la función CONNECT_IND conlleva a una división por cero. Zephyr versiones posteriores a v1.14.0 incluyéndola, División por Cero (CWE-369). Para más información, vea https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7364-p4wc-8mj4 • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7364-p4wc-8mj4 • CWE-369: Divide By Zero •
CVE-2021-3430 – BT: Assertion failure on repeated LL_CONNECTION_PARAM_REQ
https://notcve.org/view.php?id=CVE-2021-3430
Assertion reachable with repeated LL_CONNECTION_PARAM_REQ. Zephyr versions >= v1.14 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr Una aserción alcanzable con la función LL_CONNECTION_PARAM_REQ repetida. Zephyr versiones posteriores a v1.14 incluyéndola, contienen una Aserción Alcanzable (CWE-617). Para más información, vea https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr • CWE-617: Reachable Assertion •