Vulnerabilities > Zephyrproject > Zephyr > 3.2.0

DATE CVE VULNERABILITY TITLE RISK
2023-01-25 CVE-2023-0396 Out-of-bounds Read vulnerability in Zephyrproject Zephyr
A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses.
low complexity
zephyrproject CWE-125
6.8
2023-01-25 CVE-2022-3806 Double Free vulnerability in Zephyrproject Zephyr
Inconsistent handling of error cases in bluetooth hci may lead to a double free condition of a network buffer.
network
low complexity
zephyrproject CWE-415
critical
9.8
2023-01-19 CVE-2023-0397 Improper Initialization vulnerability in Zephyrproject Zephyr
A malicious / defect bluetooth controller can cause a Denial of Service due to unchecked input in le_read_buffer_size_complete.
low complexity
zephyrproject CWE-665
6.5