CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2741 – can: denial-of-service can be triggered by a crafted CAN frame
https://notcve.org/view.php?id=CVE-2022-2741
31 Oct 2022 — The denial-of-service can be triggered by transmitting a carefully crafted CAN frame on the same CAN network as the vulnerable node. The frame must have a CAN ID matching an installed filter in the vulnerable node (this can easily be guessed based on CAN traffic analyses). The frame must contain the opposite RTR bit as what the filter installed in the vulnerable node contains (if the filter matches RTR frames, the frame must be a data frame or vice versa). La denegación de servicio puede activarse transmiti... • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx5v-j59q-c3j8 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1841 – Out-of-bound write in tcp_flags
https://notcve.org/view.php?id=CVE-2022-1841
31 Aug 2022 — In subsys/net/ip/tcp.c , function tcp_flags , when the incoming parameter flags is ECN or CWR , the buf will out-of-bounds write a byte zero. En el archivo subsys/net/ip/tcp.c, la función tcp_flags , cuando el parámetro entrante flags es ECN o CWR , el buf escribirá fuera de límites un byte cero • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5c3j-p8cr-2pgh • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1042 – Out-of-bound write vulnerability in the Bluetooth mesh core stack can be triggered during provisioning
https://notcve.org/view.php?id=CVE-2022-1042
26 Jul 2022 — In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning. En Zephyr bluetooth mesh core stack, puede desencadenarse una vulnerabilidad de escritura fuera de límites durante el aprovisionamiento. • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j7v7-w73r-mm5x • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1041 – Out-of-bound write vulnerability in the Bluetooth mesh core stack can be triggered during provisioning
https://notcve.org/view.php?id=CVE-2022-1041
26 Jul 2022 — In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning. En Zephyr bluetooth mesh core stack, puede desencadenarse una vulnerabilidad de escritura fuera de límites durante el aprovisionamiento. • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p449-9hv9-pj38 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-13603 – Integer Overflow in memory allocating functions
https://notcve.org/view.php?id=CVE-2020-13603
24 May 2021 — Integer Overflow in memory allocating functions. Zephyr versions >= 1.14.2, >= 2.4.0 contain Integer Overflow or Wraparound (CWE-190). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94vp-8gc2-rm45 Un Desbordamiento de Enteros en funciones de asignación de memoria. Zephyr versiones posteriores a 1.14.2 incluyéndola, versiones posteriores a 2.4.0 incluyéndola, contienen un Desbordamiento de Enteros o Wraparound (CWE-190). Para mayor información, consu... • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94vp-8gc2-rm45 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-13602 – Remote Denial of Service in LwM2M do_write_op_tlv
https://notcve.org/view.php?id=CVE-2020-13602
24 May 2021 — Remote Denial of Service in LwM2M do_write_op_tlv. Zephyr versions >= 1.14.2, >= 2.2.0 contain Improper Input Validation (CWE-20), Loop with Unreachable Exit Condition ('Infinite Loop') (CWE-835). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-g9mg-fj58-6fqh Una Denegación de Servicio Remota en la función do_write_op_tlv de LwM2M. Zephyr versiones posteriores a 1.14.2 incluyéndola, versiones posteriores a 2.2.0 incluyéndola, contienen una Comprobación In... • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-g9mg-fj58-6fqh • CWE-20: Improper Input Validation CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-13601 – Possible read out of bounds in dns read
https://notcve.org/view.php?id=CVE-2020-13601
24 May 2021 — Possible read out of bounds in dns read. Zephyr versions >= 1.14.2, >= 2.3.0 contain Out-of-bounds Read (CWE-125). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mm57-9hqw-qh44 Una posible Lectura Fuera de Límites en una lectura de dns. Zephyr versiones posteriores a 1.14.2 incluyéndola, versiones posteriores a 2.3.0 incluyéndola, contienen una Lectura Fuera de Límites (CWE-125). Para mayor información, consulte https://github.com/zephyrproject-rtos... • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mm57-9hqw-qh44 • CWE-125: Out-of-bounds Read •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2020-13600 – Malformed SPI in response for eswifi can corrupt kernel memory
https://notcve.org/view.php?id=CVE-2020-13600
24 May 2021 — Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions >= 1.14.2, >= 2.3.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr Un SPI malformado en respuesta a eswifi puede corromper la memoria del kernel. Zephyr versiones posteriores a 1.14.2 incluyéndola, versiones posteriores a 2.3.0 incluyéndola, contienen un Desbordamiento del Búfer en la región Heap de la memoria (CWE-... • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-13599 – Security problem with settings and littlefs
https://notcve.org/view.php?id=CVE-2020-13599
24 May 2021 — Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect Default Permissions (CWE-276). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q Un problema de seguridad con la configuración y littlefs. Zephyr versiones posteriores a 1.14.2 incluyéndola, versiones posteriores a 2.3.0 incluyéndola, contienen Permisos Predeterminados Incorrectos (CWE-276). Para mayor información, consulte https://github.c... • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-13598 – FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat
https://notcve.org/view.php?id=CVE-2020-13598
24 May 2021 — FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat. Zephyr versions >= v1.14.2, >= v2.3.0 contain Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7fhv-rgxr-x56h FS: Desbordamiento del búfer al habilitar Nombres de Archivo Largos en FAT_FS y llamar a fs_stat. Zephyr versiones posteriores a v1.14.2 incluyéndola, versiones posteriores a v2.3.0 incluyéndola, contienen un Desbordamiento del Bú... • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7fhv-rgxr-x56h • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •