Vulnerabilities > CVE-2021-3323 - Integer Underflow (Wrap or Wraparound) vulnerability in Zephyrproject Zephyr 2.4.0

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

zephyrproject

CWE-191

critical

NVD

Published: 2021-10-12

Updated: 2021-10-18

Summary

Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr. Zephyr versions >= >=2.4.0 contain Integer Underflow (Wrap or Wraparound) (CWE-191). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-89j6-qpxf-pfpc

Vulnerable Configurations

Part	Description	Count
OS	Zephyrproject Zephyrproject Zephyr 2.4.0	4

Common Weakness Enumeration (CWE)

CWE-191 - Integer Underflow (Wrap or Wraparound)

References

http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-89j6-qpxf-pfpc