Vulnerabilities > Zephyrproject > Zephyr > 3.6.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-16 | CVE-2024-8798 | Out-of-bounds Write vulnerability in Zephyrproject Zephyr No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c. | 6.5 |
| 2024-11-15 | CVE-2024-11263 | Unspecified vulnerability in Zephyrproject Zephyr When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols. | 8.4 |
| 2024-08-19 | CVE-2024-4785 | Divide By Zero vulnerability in Zephyrproject Zephyr BT: Missing Check in LL_CONNECTION_UPDATE_IND Packet Leads to Division by Zero | 6.5 |