Zephyrproject Zephyr vulnerabilities

114 known vulnerabilities affecting zephyrproject/zephyr.

Total CVEs

114

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL22HIGH52MEDIUM37LOW3

Vulnerabilities

Page 5 of 6

CVE-2021-3436MEDIUMCVSS 6.5v1.14.2v2.4.0+1 more2021-10-05

CVE-2021-3436 [MEDIUM] CWE-694 CVE-2021-3436: BT: Possible to overwrite an existing bond during keys distribution phase when the identity address BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known. Zephyr versions >= 1.14.2, >= 2.4.0, >= 2.5.0 contain Use of Multiple Resources with Duplicate Identifier (CWE-694). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j76f-35mc-4h63

nvd

CVE-2020-13601CRITICALCVSS 9.8≤ 1.14.2≥ 2.0.0, ≤ 2.3.02021-05-25

CVE-2020-13601 [CRITICAL] CWE-125 CVE-2020-13601: Possible read out of bounds in dns read. Zephyr versions >= 1.14.2, >= 2.3.0 contain Out-of-bounds R Possible read out of bounds in dns read. Zephyr versions >= 1.14.2, >= 2.3.0 contain Out-of-bounds Read (CWE-125). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mm57-9hqw-qh44

nvd

CVE-2020-10064CRITICALCVSS 9.8≤ 1.14.2≥ 2.0.0, ≤ 2.2.02021-05-25

CVE-2020-10064 [CRITICAL] CWE-121 CVE-2020-10064: Improper Input Frame Validation in ieee802154 Processing. Zephyr versions >= v1.14.2, >= v2.2.0 cont Improper Input Frame Validation in ieee802154 Processing. Zephyr versions >= v1.14.2, >= v2.2.0 contain Stack-based Buffer Overflow (CWE-121), Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3gvq-h42f-v3c7

nvd

CVE-2020-13603HIGHCVSS 7.8≤ 1.14.2≥ 2.0.0, ≤ 2.2.02021-05-25

CVE-2020-13603 [HIGH] CWE-190 CVE-2020-13603: Integer Overflow in memory allocating functions. Zephyr versions >= 1.14.2, >= 2.4.0 contain Integer Integer Overflow in memory allocating functions. Zephyr versions >= 1.14.2, >= 2.4.0 contain Integer Overflow or Wraparound (CWE-190). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94vp-8gc2-rm45

nvd

CVE-2021-3320HIGHCVSS 7.5≥ 2.0.0, ≤ 2.4.02021-05-25

CVE-2021-3320 [HIGH] CWE-476 CVE-2021-3320: Type Confusion in 802154 ACK Frames Handling. Zephyr versions >= v2.4.0 contain NULL Pointer Derefer Type Confusion in 802154 ACK Frames Handling. Zephyr versions >= v2.4.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-27r3-rxch-2hm7

nvd

CVE-2020-10065HIGHCVSS 8.8≤ 1.14.2≥ 2.0.0, ≤ 2.2.02021-05-25

CVE-2020-10065 [HIGH] CWE-130 CVE-2020-10065: Missing Size Checks in Bluetooth HCI over SPI. Zephyr versions >= v1.14.2, >= v2.2.0 contain Imprope Missing Size Checks in Bluetooth HCI over SPI. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Length Parameter Inconsistency (CWE-130). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hg2w-62p6-g67c

nvd

CVE-2020-13600HIGHCVSS 7.6≤ 1.14.2≥ 2.0.0, ≤ 2.3.02021-05-25

CVE-2020-13600 [HIGH] CWE-122 CVE-2020-13600: Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions >= 1.14.2, >= 2.3.0 Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions >= 1.14.2, >= 2.3.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr

nvd

CVE-2020-13598HIGHCVSS 7.8≤ 1.14.2≥ 2.0.0, ≤ 2.3.02021-05-25

CVE-2020-13598 [HIGH] CWE-121 CVE-2020-13598: FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat. Zephyr versions >= FS: Buffer Overflow when enabling Long File Names in FAT_FS and calling fs_stat. Zephyr versions >= v1.14.2, >= v2.3.0 contain Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7fhv-rgxr-x56h

nvd

CVE-2020-13602MEDIUMCVSS 5.5≤ 1.14.2≥ 2.0.0, ≤ 2.2.02021-05-25

CVE-2020-13602 [MEDIUM] CWE-20 CVE-2020-13602: Remote Denial of Service in LwM2M do_write_op_tlv. Zephyr versions >= 1.14.2, >= 2.2.0 contain Impro Remote Denial of Service in LwM2M do_write_op_tlv. Zephyr versions >= 1.14.2, >= 2.2.0 contain Improper Input Validation (CWE-20), Loop with Unreachable Exit Condition ('Infinite Loop') (CWE-835). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-g9mg-fj58-6fqh

nvd

CVE-2020-10066MEDIUMCVSS 5.7≤ 1.14.2≥ 2.0.0, ≤ 2.2.02021-05-25

CVE-2020-10066 [MEDIUM] CWE-476 CVE-2020-10066: Incorrect Error Handling in Bluetooth HCI core. Zephyr versions >= v1.14.2, >= v2.2.0 contain NULL P Incorrect Error Handling in Bluetooth HCI core. Zephyr versions >= v1.14.2, >= v2.2.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gc66-xfrc-24qr

nvd

CVE-2020-10072MEDIUMCVSS 5.3≤ 1.14.2≥ 2.0.0, ≤ 2.2.02021-05-25

CVE-2020-10072 [MEDIUM] CWE-280 CVE-2020-10072: Improper Handling of Insufficient Permissions or Privileges in zephyr. Zephyr versions >= v1.14.2, > Improper Handling of Insufficient Permissions or Privileges in zephyr. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Insufficient Permissions or Privileges (CWE-280). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-vf79-hqwm-w4xc

nvd

CVE-2020-10069MEDIUMCVSS 6.5≤ 1.14.2≥ 2.0.0, ≤ 2.2.02021-05-25

CVE-2020-10069 [MEDIUM] CWE-233 CVE-2020-10069: Zephyr Bluetooth unchecked packet data results in denial of service. Zephyr versions >= v1.14.2, >= Zephyr Bluetooth unchecked packet data results in denial of service. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Parameters (CWE-233). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-f6vh-7v4x-8fjp

nvd

CVE-2020-13599LOWCVSS 3.3≤ 1.14.2≥ 2.0.0, ≤ 2.3.02021-05-25

CVE-2020-13599 [LOW] CWE-276 CVE-2020-13599: Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect D Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect Default Permissions (CWE-276). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5qhg-j6wc-4f6q

nvd

CVE-2020-10062CRITICALCVSS 9.8≤ 2.2.02020-06-05

CVE-2020-10062 [CRITICAL] CWE-193 CVE-2020-10062: An off-by-one error in the Zephyr project MQTT packet length decoder can result in memory corruption An off-by-one error in the Zephyr project MQTT packet length decoder can result in memory corruption and possible remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions.

nvd

CVE-2020-10070CRITICALCVSS 9.8≤ 2.2.02020-06-05

CVE-2020-10070 [CRITICAL] CWE-120 CVE-2020-10070: In the Zephyr Project MQTT code, improper bounds checking can result in memory corruption and possib In the Zephyr Project MQTT code, improper bounds checking can result in memory corruption and possibly remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions.

nvd

CVE-2020-10071CRITICALCVSS 9.8≤ 2.2.02020-06-05

CVE-2020-10071 [CRITICAL] CWE-120 CVE-2020-10071: The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions.

nvd

CVE-2020-10063HIGHCVSS 7.5≤ 2.2.02020-06-05

CVE-2020-10063 [HIGH] CWE-190 CVE-2020-10063: A remote adversary with the ability to send arbitrary CoAP packets to be parsed by Zephyr is able to A remote adversary with the ability to send arbitrary CoAP packets to be parsed by Zephyr is able to cause a denial of service. This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions.

nvd

CVE-2020-10061HIGHCVSS 8.8fixed in 1.14.0≥ 2.0.0, < 2.2.02020-06-05

CVE-2020-10061 [HIGH] CWE-119 CVE-2020-10061: Improper handling of the full-buffer case in the Zephyr Bluetooth implementation can result in memor Improper handling of the full-buffer case in the Zephyr Bluetooth implementation can result in memory corruption. This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions, and version 1.14.0 and later versions.

nvd

CVE-2020-10068MEDIUMCVSS 6.5fixed in 1.14.0≥ 2.0.0, < 2.2.02020-06-05

CVE-2020-10068 [MEDIUM] CWE-20 CVE-2020-10068: In the Zephyr project Bluetooth subsystem, certain duplicate and back-to-back packets can cause inco In the Zephyr project Bluetooth subsystem, certain duplicate and back-to-back packets can cause incorrect behavior, resulting in a denial of service. This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions, and version 1.14.0 and later versions.

nvd

CVE-2020-10022CRITICALCVSS 9.8v2.1.0v2.2.02020-05-11

CVE-2020-10022 [CRITICAL] CWE-120 CVE-2020-10022: A malformed JSON payload that is received from an UpdateHub server may trigger memory corruption in A malformed JSON payload that is received from an UpdateHub server may trigger memory corruption in the Zephyr OS. This could result in a denial of service in the best case, or code execution in the worst case. See NCC-NCC-016 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions. version 2.2.0 and later versions.

nvd

← Previous5 / 6Next →