CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1675 – Out of bounds read in dns_copy_qname
https://notcve.org/view.php?id=CVE-2025-1675
25 Feb 2025 — The function dns_copy_qname in dns_pack.c performs performs a memcpy operation with an untrusted field and does not check if the source buffer is large enough to contain the copied data. La función dns_copy_qname en dns_pack.c realiza una operación memcpy con un campo no confiable y no verifica si el búfer de origen es lo suficientemente grande para contener los datos copiados. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-2m84-5hfw-m8v4 • CWE-125: Out-of-bounds Read •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1674 – Out of bounds read when unpacking DNS answers
https://notcve.org/view.php?id=CVE-2025-1674
25 Feb 2025 — A lack of input validation allows for out of bounds reads caused by malicious or malformed packets. La falta de validación de entrada permite lecturas fuera de los límites causadas por paquetes maliciosos o malformados. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-x975-8pgf-qh66 • CWE-125: Out-of-bounds Read •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-1673 – Out of bounds read when calling crc16_ansi and strlen in dns_validate_msg
https://notcve.org/view.php?id=CVE-2025-1673
25 Feb 2025 — A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash (denial of service) or an incorrect computation. Un paquete DNS malicioso o malformado sin un payload puede provocar una lectura fuera de los límites, lo que resulta en un bloqueo (denegación de servicio) o un cálculo incorrecto. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-jjhx-rrh4-j8mx • CWE-125: Out-of-bounds Read •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-10395 – net: lib: http_server: Buffer Under-read
https://notcve.org/view.php?id=CVE-2024-10395
03 Feb 2025 — No proper validation of the length of user input in http_server_get_content_type_from_extension. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hfww-j92m-x8fv • CWE-127: Buffer Under-read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8798 – Bluetooth: classic: avdtp: missing buffer length check
https://notcve.org/view.php?id=CVE-2024-8798
15 Dec 2024 — No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-r7pm-f93f-f7fp • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11263 – arch: riscv: userspace: potential security risk when CONFIG_RISCV_GP=y
https://notcve.org/view.php?id=CVE-2024-11263
15 Nov 2024 — When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-jjf3-7x72-pqm9 • CWE-270: Privilege Context Switching Error •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6444 – Bluetooth: ots: missing buffer length check
https://notcve.org/view.php?id=CVE-2024-6444
04 Oct 2024 — No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-qj4r-chj6-h7qp • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6443 – zephyr: out-of-bound read in utf8_trunc
https://notcve.org/view.php?id=CVE-2024-6443
04 Oct 2024 — In utf8_trunc in zephyr/lib/utils/utf8.c, last_byte_p can point to one byte before the string pointer if the string is empty. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gg46-3rh2-v765 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6442 – Bluetooth: ASCS Unchecked tailroom of the response buffer
https://notcve.org/view.php?id=CVE-2024-6442
04 Oct 2024 — In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow. • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-m22j-ccg7-4v4h • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6259 – BT: HCI: adv_ext_report Improper discarding in adv_ext_report
https://notcve.org/view.php?id=CVE-2024-6259
13 Sep 2024 — BT: HCI: adv_ext_report Improper discarding in adv_ext_report • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p5j7-v26w-wmcp • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow •