Vulnerabilities > Zephyrproject > Zephyr > 2.4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-16 | CVE-2024-8798 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c. | 6.5 |
| 2024-11-15 | CVE-2024-11263 | Unspecified vulnerability in Zephyrproject Zephyr When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols. | 8.4 |
| 2024-09-13 | CVE-2024-6259 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr BT: HCI: adv_ext_report Improper discarding in adv_ext_report | 6.5 |
| 2024-09-13 | CVE-2024-5931 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr BT: Unchecked user input in bap_broadcast_assistant | 6.5 |
| 2024-09-13 | CVE-2024-6135 | Divide By Zero vulnerability in Zephyrproject Zephyr BT:Classic: Multiple missing buf length checks | 6.5 |
| 2024-09-13 | CVE-2024-6137 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr BT: Classic: SDP OOB access in get_att_search_list | 6.5 |
| 2024-09-13 | CVE-2024-5754 | Unspecified vulnerability in Zephyrproject Zephyr BT: Encryption procedure host vulnerability low complexity zephyrproject | 6.5 |
| 2024-09-13 | CVE-2024-6258 | Integer Underflow (Wrap or Wraparound) vulnerability in Zephyrproject Zephyr BT: Missing length checks of net_buf in rfcomm_handle_data | 6.5 |
| 2024-08-19 | CVE-2024-4785 | Divide By Zero vulnerability in Zephyrproject Zephyr BT: Missing Check in LL_CONNECTION_UPDATE_IND Packet Leads to Division by Zero | 6.5 |
| 2024-07-03 | CVE-2024-3332 | NULL Pointer Dereference vulnerability in Zephyrproject Zephyr A malicious BLE device can send a specific order of packet sequence to cause a DoS attack on the victim BLE device | 6.5 |