CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-3625

CRITICAL
9.6
CVSS Severity Score
EPSS Score0.0600%
EPSS Percentile2.00th
Published2021年10月5日
Last Modified2024年11月21日

Vulnerability Description

Buffer overflow in Zephyr USB DFU DNLOAD. Zephyr versions >= v2.5.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c3gr-hgvr-f363

Affected Platforms (CPE)

💻
Zephyrproject

Zephyr

>= 2.5.0 and < 2.7.0

References & Advisories

🔗 http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c3gr-hgvr-f363
🔗 http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c3gr-hgvr-f363

相關漏洞威脅

CVE-2017-129029.8

The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.

CVE-2018-10008009.8

zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in sys_ring_buf_put(), sys_ring_buf_get() that can...

CVE-2017-141999.8

A buffer overflow has been found in the Zephyr Project's getaddrinfo() implementation in 1.9.0 and 1.10.0.

CVE-2020-100229.0

A malformed JSON payload that is received from an UpdateHub server may trigger memory corruption in the Zephyr OS. This could resu...