CVE-2023-5779 – can: out of bounds in remove_rx_filter function
https://notcve.org/view.php?id=CVE-2023-5779
can: out of bounds in remove_rx_filter function • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7cmj-963q-jj47 • CWE-787: Out-of-bounds Write
CVE-2023-6249 – ipm: signed to unsigned conversion problem in esp32_ipm_send
https://notcve.org/view.php?id=CVE-2023-6249
Signed to unsigned conversion in esp32_ipm_send • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-32f5-3p9h-2rqc • CWE-704: Incorrect Type Conversion or Cast
CVE-2023-6749 – Unchecked user input length in the Zephyr Settings Shell
https://notcve.org/view.php?id=CVE-2023-6749
Unchecked length coming from user input in settings shell • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-757h-rw37-66hw • CWE-121: Stack-based Buffer Overflow
CVE-2023-5055 – L2CAP: Possible Stack based buffer overflow in le_ecred_reconf_req()
https://notcve.org/view.php?id=CVE-2023-5055
Possible variant of CVE-2021-3434 in function le_ecred_reconf_req. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wr8r-7f8x-24jj • CWE-121: Stack-based Buffer Overflow • CWE-787: Out-of-bounds Write
CVE-2023-4424 – bt: hci: DoS and possible RCE
https://notcve.org/view.php?id=CVE-2023-4424
A malicious BLE device can cause a buffer overflow by sending a malformed advertising packet to a BLE device using Zephyr OS, leading to DoS or potential RCE on the victim BLE device. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j4qm-xgpf-qjw3 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') • CWE-190: Integer Overflow or Wraparound