CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-1638 – Bluetooth characteristic LESC security requirement not enforced without additional flags
https://notcve.org/view.php?id=CVE-2024-1638
19 Feb 2024 — The documentation specifies that the BT_GATT_PERM_READ_LESC and BT_GATT_PERM_WRITE_LESC defines for a Bluetooth characteristic: Attribute read/write permission with LE Secure Connection encryption. If set, requires that LE Secure Connections is used for read/write access, however this is only true when it is combined with other permissions, namely BT_GATT_PERM_READ_ENCRYPT/BT_GATT_PERM_READ_AUTHEN (for read) or BT_GATT_PERM_WRITE_ENCRYPT/BT_GATT_PERM_WRITE_AUTHEN (for write), if these additional permissions... • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p6f3-f63q-5mc2 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5779 – can: out of bounds in remove_rx_filter function
https://notcve.org/view.php?id=CVE-2023-5779
18 Feb 2024 — can: out of bounds in remove_rx_filter function puede: fuera de los límites en la función remove_rx_filter • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7cmj-963q-jj47 • CWE-787: Out-of-bounds Write •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6249 – ipm: signed to unsigned conversion problem in esp32_ipm_send
https://notcve.org/view.php?id=CVE-2023-6249
18 Feb 2024 — Signed to unsigned conversion esp32_ipm_send Conversión firmada a no firmada esp32_ipm_send • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-32f5-3p9h-2rqc • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-6749 – Unchecked user input length in the Zephyr Settings Shell
https://notcve.org/view.php?id=CVE-2023-6749
18 Feb 2024 — Unchecked length coming from user input in settings shell Longitud no marcada proveniente de la entrada del usuario en el shell de configuración • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-757h-rw37-66hw • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5055 – L2CAP: Possible Stack based buffer overflow in le_ecred_reconf_req()
https://notcve.org/view.php?id=CVE-2023-5055
21 Nov 2023 — Possible variant of CVE-2021-3434 in function le_ecred_reconf_req. Posible variante de CVE-2021-3434 en la función le_ecred_reconf_req. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wr8r-7f8x-24jj • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4424 – bt: hci: DoS and possible RCE
https://notcve.org/view.php?id=CVE-2023-4424
21 Nov 2023 — An malicious BLE device can cause buffer overflow by sending malformed advertising packet BLE device using Zephyr OS, leading to DoS or potential RCE on the victim BLE device. Un dispositivo BLE malicioso puede provocar un desbordamiento del búfer al enviar un paquete publicitario con formato incorrecto al dispositivo BLE utilizando Zephyr OS, lo que provoca DoS o un posible RCE en el dispositivo BLE víctima. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j4qm-xgpf-qjw3 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2CVE-2023-5139 – Potential buffer overflow vulnerability in the Zephyr STM32 Crypto driver
https://notcve.org/view.php?id=CVE-2023-5139
26 Oct 2023 — Potential buffer overflow vulnerability at the following location in the Zephyr STM32 Crypto driver Posible vulnerabilidad de desbordamiento del búfer en la siguiente ubicación en el controlador Zephyr STM32 Crypto Zephyr RTOS versions 3.5.0 and below suffer from a multitude of buffer overflow vulnerabilities. • http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5753 – Potential buffer overflow vulnerabilities in the Zephyr Bluetooth subsystem
https://notcve.org/view.php?id=CVE-2023-5753
24 Oct 2023 — Potential buffer overflows in the Bluetooth subsystem due to asserts being disabled in /subsys/bluetooth/host/hci_core.c Posibles desbordamientos del búfer en el subsistema Bluetooth debido a afirmaciones deshabilitadas en /subsys/bluetooth/host/hci_core.c Zephyr RTOS versions 3.5.0 and below suffer from a multitude of buffer overflow vulnerabilities. • http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 2CVE-2023-4257 – Unchecked user input length in the Zephyr WiFi shell module
https://notcve.org/view.php?id=CVE-2023-4257
13 Oct 2023 — Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows. La longitud de entrada del usuario no marcada en /subsys/net/l2/wifi/wifi_shell.c puede provocar desbordamientos del búfer. Zephyr RTOS versions 3.5.0 and below suffer from a multitude of buffer overflow vulnerabilities. • http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4263 – Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nRF 15.4 driver
https://notcve.org/view.php?id=CVE-2023-4263
13 Oct 2023 — Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nRF 15.4 driver Posible vulnerabilidad de desbordamiento del buffer en el controlador Zephyr IEEE 802.15.4 nRF 15.4 Zephyr RTOS versions 3.5.0 and below suffer from a multitude of buffer overflow vulnerabilities. • http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •