CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-2741 – can: denial-of-service can be triggered by a crafted CAN frame
https://notcve.org/view.php?id=CVE-2022-2741
31 Oct 2022 — The denial-of-service can be triggered by transmitting a carefully crafted CAN frame on the same CAN network as the vulnerable node. The frame must have a CAN ID matching an installed filter in the vulnerable node (this can easily be guessed based on CAN traffic analyses). The frame must contain the opposite RTR bit as what the filter installed in the vulnerable node contains (if the filter matches RTR frames, the frame must be a data frame or vice versa). La denegación de servicio puede activarse transmiti... • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx5v-j59q-c3j8 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1841 – Out-of-bound write in tcp_flags
https://notcve.org/view.php?id=CVE-2022-1841
31 Aug 2022 — In subsys/net/ip/tcp.c , function tcp_flags , when the incoming parameter flags is ECN or CWR , the buf will out-of-bounds write a byte zero. En el archivo subsys/net/ip/tcp.c, la función tcp_flags , cuando el parámetro entrante flags es ECN o CWR , el buf escribirá fuera de límites un byte cero • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5c3j-p8cr-2pgh • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1042 – Out-of-bound write vulnerability in the Bluetooth mesh core stack can be triggered during provisioning
https://notcve.org/view.php?id=CVE-2022-1042
26 Jul 2022 — In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning. En Zephyr bluetooth mesh core stack, puede desencadenarse una vulnerabilidad de escritura fuera de límites durante el aprovisionamiento. • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j7v7-w73r-mm5x • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1041 – Out-of-bound write vulnerability in the Bluetooth mesh core stack can be triggered during provisioning
https://notcve.org/view.php?id=CVE-2022-1041
26 Jul 2022 — In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning. En Zephyr bluetooth mesh core stack, puede desencadenarse una vulnerabilidad de escritura fuera de límites durante el aprovisionamiento. • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p449-9hv9-pj38 • CWE-787: Out-of-bounds Write •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 1CVE-2021-3861 – The RNDIS USB device class includes a buffer overflow vulnerability
https://notcve.org/view.php?id=CVE-2021-3861
07 Feb 2022 — The RNDIS USB device class includes a buffer overflow vulnerability. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hvfp-w4h8-gxvj La clase de dispositivo USB RNDIS incluye una vulnerabilidad de desbordamiento de búfer. Las versiones de Zephyr versiones posteriores a v2.6.0 incluyéndola, contienen un desbordamiento del búfer en la región Heap de la memoria (CWE-122). Para más información,... • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hvfp-w4h8-gxvj • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-3835 – Buffer overflow in usb device class
https://notcve.org/view.php?id=CVE-2021-3835
07 Feb 2022 — Buffer overflow in usb device class. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fm6v-8625-99jf Un desbordamiento de búfer en la clase de dispositivo usb. Zephyr versiones posteriores a v2.6.0 incluyéndola, contienen un desbordamiento del búfer en la región Heap de la memoria (CWE-122). Para más información, consulte https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA... • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fm6v-8625-99jf • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 5%CPEs: 1EXPL: 2CVE-2021-3625 – Buffer overflow in Zephyr USB DFU DNLOAD
https://notcve.org/view.php?id=CVE-2021-3625
05 Oct 2021 — Buffer overflow in Zephyr USB DFU DNLOAD. Zephyr versions >= v2.5.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c3gr-hgvr-f363 Desbordamiento del búfer en Zephyr USB DFU DNLOAD. Zephyr versiones posteriores a v2.5.0 incluyéndola, contienen un Desbordamiento de Búfer en la región Heap de la memoria (CWE-122). Para más información, consulte https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c3g... • https://github.com/szymonh/zephyr_cve-2021-3625 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2021-3510 – Zephyr JSON decoder incorrectly decodes array of array
https://notcve.org/view.php?id=CVE-2021-3510
05 Oct 2021 — Zephyr JSON decoder incorrectly decodes array of array. Zephyr versions >= >1.14.0, >= >2.5.0 contain Attempt to Access Child of a Non-structure Pointer (CWE-588). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-289f-7mw3-2qf4 El decodificador JSON de Zephyr decodifica incorrectamente un array de array. Zephyr versiones anteriores y posteriores a 1.14.0 incluyéndola, versiones anteriores y posteriores a 2.5.0 incluyéndola, contienen Intento de Acceso a Child d... • http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-289f-7mw3-2qf4 • CWE-588: Attempt to Access Child of a Non-structure Pointer •