CVE-2021-3433 – BT: Invalid channel map in CONNECT_IND results to Deadlock
https://notcve.org/view.php?id=CVE-2021-3433
Invalid channel map in CONNECT_IND results to Deadlock. Zephyr versions >= v2.5.0 Improper Check or Handling of Exceptional Conditions (CWE-703). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3c2f-w4v6-qxrp Un mapa de canales no válido en la función CONNECT_IND provoca un bloqueo. Zephyr versiones posteriores a v2.5.0 incluyéndola, Comprobación o Manejo Inapropiado de Condiciones Excepcionales (CWE-703). Para más información, vea https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3c2f-w4v6-qxrp • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3c2f-w4v6-qxrp • CWE-703: Improper Check or Handling of Exceptional Conditions •
CVE-2021-3432 – BT: Invalid interval in CONNECT_IND leads to Division by Zero
https://notcve.org/view.php?id=CVE-2021-3432
Invalid interval in CONNECT_IND leads to Division by Zero. Zephyr versions >= v1.14.0 Divide By Zero (CWE-369). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7364-p4wc-8mj4 Un intervalo no válido en la función CONNECT_IND conlleva a una división por cero. Zephyr versiones posteriores a v1.14.0 incluyéndola, División por Cero (CWE-369). Para más información, vea https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7364-p4wc-8mj4 • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7364-p4wc-8mj4 • CWE-369: Divide By Zero •
CVE-2021-3431 – BT: Assertion failure on repeated LL_FEATURE_REQ
https://notcve.org/view.php?id=CVE-2021-3431
Assertion reachable with repeated LL_FEATURE_REQ. Zephyr versions >= v2.5.0 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7548-5m6f-mqv9 Aserción alcanzable con la función LL_FEATURE_REQ repetida. Zephyr versiones posteriores a v2.5.0 incluyéndola, contienen una Aserción Alcanzable (CWE-617). Para más información, vea https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7548-5m6f-mqv9 • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7548-5m6f-mqv9 • CWE-617: Reachable Assertion •
CVE-2021-3430 – BT: Assertion failure on repeated LL_CONNECTION_PARAM_REQ
https://notcve.org/view.php?id=CVE-2021-3430
Assertion reachable with repeated LL_CONNECTION_PARAM_REQ. Zephyr versions >= v1.14 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr Una aserción alcanzable con la función LL_CONNECTION_PARAM_REQ repetida. Zephyr versiones posteriores a v1.14 incluyéndola, contienen una Aserción Alcanzable (CWE-617). Para más información, vea https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr • CWE-617: Reachable Assertion •
CVE-2021-3861 – The RNDIS USB device class includes a buffer overflow vulnerability
https://notcve.org/view.php?id=CVE-2021-3861
The RNDIS USB device class includes a buffer overflow vulnerability. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hvfp-w4h8-gxvj La clase de dispositivo USB RNDIS incluye una vulnerabilidad de desbordamiento de búfer. Las versiones de Zephyr versiones posteriores a v2.6.0 incluyéndola, contienen un desbordamiento del búfer en la región Heap de la memoria (CWE-122). Para más información, consulte https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hvfp-w4h8-gxvj • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hvfp-w4h8-gxvj • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •