
CVE-2023-5563
https://notcve.org/view.php?id=CVE-2023-5563
12 Oct 2023 — The SJA1000 CAN controller driver backend automatically attempts to recover from a bus-off event when built with CONFIG_CAN_AUTO_BUS_OFF_RECOVERY=y. This results in calling k_sleep() in IRQ context, causing a fatal exception. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-98mc-rj7w-7rpv • CWE-703: Improper Check or Handling of Exceptional Conditions

CVE-2023-3725 – Potential buffer overflow vulnerability in the Zephyr CANbus subsystem
https://notcve.org/view.php?id=CVE-2023-3725
06 Oct 2023 — Potential buffer overflow vulnerability in the Zephyr CAN bus subsystem. Zephyr RTOS versions 3.5.0 and below suffer from a multitude of buffer overflow vulnerabilities. • http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'); CWE-121: Stack-based Buffer Overflow; CWE-787: Out-of-bounds Write

CVE-2023-5184 – Potential signed to unsigned conversion errors and buffer overflow vulnerabilities in the Zephyr IPM driver
https://notcve.org/view.php?id=CVE-2023-5184
27 Sep 2023 — Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers. Zephyr RTOS versions 3.5.0 and below suffer from a multitude of buffer overflow vulnerabilities. • http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'); CWE-195: Signed to Unsigned Conversion Error; CWE-681: Incorrect Conversion between Numeric Types

CVE-2023-4260 – Potential off-by-one buffer overflow vulnerability in the Zephyr FS subsystem
https://notcve.org/view.php?id=CVE-2023-4260
26 Sep 2023 — Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system. Zephyr RTOS versions 3.5.0 and below suffer from a multitude of buffer overflow vulnerabilities. • http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'); CWE-193: Off-by-one Error

CVE-2023-4264 – Potential buffer overflow vulnerabilities in the Zephyr Bluetooth subsystem
https://notcve.org/view.php?id=CVE-2023-4264
26 Sep 2023 — Potential buffer overflow vulnerabilities in the Zephyr Bluetooth subsystem. Zephyr RTOS versions 3.5.0 and below suffer from a multitude of buffer overflow vulnerabilities. • http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'); CWE-121: Stack-based Buffer Overflow; CWE-122: Heap-based Buffer Overflow

CVE-2023-4259 – Potential buffer overflow vulnerabilities in the Zephyr eS-WiFi driver
https://notcve.org/view.php?id=CVE-2023-4259
25 Sep 2023 — Two potential buffer overflow vulnerabilities at the following locations in the Zephyr eS-WiFi driver source code. Zephyr RTOS versions 3.5.0 and below suffer from a multitude of buffer overflow vulnerabilities. • http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'); CWE-193: Off-by-one Error

CVE-2023-4258 – bt: mesh: vulnerability in provisioning protocol implementation on provisionee side
https://notcve.org/view.php?id=CVE-2023-4258
25 Sep 2023 — In the Bluetooth mesh implementation, if the provisionee has a public key that is sent OOB, then during provisioning it can be sent back and will be accepted by the provisionee. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-m34c-cp63-rwh7 • CWE-684: Incorrect Provision of Specified Functionality

CVE-2023-4265 – Buffer overflow in Zephyr USB
https://notcve.org/view.php?id=CVE-2023-4265
12 Aug 2023 — Potential buffer overflow vulnerabilities in the following locations: https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usb_dc_native_posix.c#L359 https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis... https://github.com/zephyrproject-rtos/zephyr/blob/main/subsys/usb/device/class/netusb/function_rndis.c#L841 Zephyr RTOS versions 3.5.0 a... • http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-1901 – HCI send_sync Dangling Semaphore Reference Re-use
https://notcve.org/view.php?id=CVE-2023-1901
10 Jul 2023 — The Bluetooth HCI host layer logic not clearing a global reference to a semaphore after synchronously sending HCI commands may allow a malicious HCI Controller to cause the use of a dangling reference in the host layer, leading to a crash (DoS) or potential RCE on the Host layer. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xvvm-8mcm-9cq3 • CWE-672: Operation on a Resource after Expiration or Release; CWE-787: Out-of-bounds Write

CVE-2023-2234 – BT HCI host union variant confusion
https://notcve.org/view.php?id=CVE-2023-2234
10 Jul 2023 — Union variant confusion allows any malicious BT controller to execute arbitrary code on the Zephyr host. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx9g-8fr2-q899 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')