Vulnerabilities > Zephyrproject
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-28 | CVE-2021-3435 | Use of Uninitialized Resource vulnerability in Zephyrproject Zephyr 2.4.0/2.5.0/2.5.1 Information leakage in le_ecred_conn_req(). | 3.3 |
| 2022-02-07 | CVE-2021-3835 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr 2.6.0/2.6.1/3.0.0 Buffer overflow in usb device class. | 8.8 |
| 2022-02-07 | CVE-2021-3861 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr 2.6.0/2.6.1 The RNDIS USB device class includes a buffer overflow vulnerability. | 6.8 |
| 2021-10-19 | CVE-2021-3454 | Reachable Assertion vulnerability in Zephyrproject Zephyr 2.4.0/2.5.0/2.5.1 Truncated L2CAP K-frame causes assertion failure. | 7.5 |
| 2021-10-19 | CVE-2021-3455 | Use After Free vulnerability in Zephyrproject Zephyr 2.4.0/2.5.0/2.5.1 Disconnecting L2CAP channel right after invalid ATT request leads freeze. | 7.5 |
| 2021-10-12 | CVE-2021-3321 | Integer Underflow (Wrap or Wraparound) vulnerability in Zephyrproject Zephyr 2.4.0 Integer Underflow in Zephyr in IEEE 802154 Fragment Reassembly Header Removal. | 8.8 |
| 2021-10-12 | CVE-2021-3322 | NULL Pointer Dereference vulnerability in Zephyrproject Zephyr 2.4.0 Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zephyr. | 6.5 |
| 2021-10-12 | CVE-2021-3323 | Integer Underflow (Wrap or Wraparound) vulnerability in Zephyrproject Zephyr 2.4.0 Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr. | 9.8 |
| 2021-10-12 | CVE-2021-3330 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr 2.4.0 RCE/DOS: Linked-list corruption leading to large out-of-bounds write while sorting for forged fragment list in Zephyr. | 8.8 |
| 2021-10-05 | CVE-2021-3319 | NULL Pointer Dereference vulnerability in Zephyrproject Zephyr 2.4.0 DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses. | 9.8 |