CVE-2023-0359 – ipv6: Missing ipv6 nullptr-check in handle_ra_input
https://notcve.org/view.php?id=CVE-2023-0359
A missing nullptr-check in handle_ra_input can cause a nullptr-deref. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c7fq-vqm6-v5pf • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVE-2023-0779 – net: shell: Improper input validation
https://notcve.org/view.php?id=CVE-2023-0779
At the most basic level, an invalid pointer can be input that crashes the device, but with more knowledge of the device’s memory layout, further exploitation is possible. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-9xj8-6989-r549 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVE-2023-0397 – DoS: Invalid Initialization in le_read_buffer_size_complete
https://notcve.org/view.php?id=CVE-2023-0397
A malicious / defect bluetooth controller can cause a Denial of Service due to unchecked input in le_read_buffer_size_complete. Un controlador bluetooth malicioso o defectuoso puede provocar una denegación de servicio debido a una entrada no marcada en le_read_buffer_size_complete. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wc2h-h868-q7hj • CWE-665: Improper Initialization CWE-703: Improper Check or Handling of Exceptional Conditions •
CVE-2023-0396 – Buffer Overreads in Bluetooth HCI
https://notcve.org/view.php?id=CVE-2023-0396
A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses. Un controlador Bluetooth malicioso o defectuoso puede provocar sobrelecturas del búfer en la mayoría de las funciones que procesan respuestas de comandos HCI. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8rpp-6vxq-pqg3 • CWE-125: Out-of-bounds Read CWE-126: Buffer Over-read •
CVE-2022-3806 – Bluetooth HCI Error Handling Double Free
https://notcve.org/view.php?id=CVE-2022-3806
Inconsistent handling of error cases in bluetooth hci may lead to a double free condition of a network buffer. El manejo inconsistente de los casos de error en bluetooth hci puede provocar una condición doblemente libre de un búfer de red. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-w525-fm68-ppq3 • CWE-415: Double Free •