zephyrproject-rtos

1 Product 95 CVEs

CVE Severity Distribution (All Time)

Critical

High

Medium

Low

Timeline Overview

Last 30 Days 0 CVEs

Last 6 Months 0 CVEs

Last Year 11 CVEs

Products

View all

Zephyr

36 Versions 95 CVEs

Recent CVEs

View all

CVE-2024-8798 HIGH 8 months, 3 weeks ago

No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.

CVE-2024-11263 CRITICAL 9 months, 3 weeks ago

When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata sectio…

CVE-2024-6444 MEDIUM 11 months ago

No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.

CVE-2024-6443 MEDIUM 11 months ago

In utf8_trunc in zephyr/lib/utils/utf8.c, last_byte_p can point to one byte before the string pointer if the string is empty.

CVE-2024-6442 MEDIUM 11 months ago

In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow.

CVE-2024-6259 HIGH 11 months, 4 weeks ago

BT: HCI: adv_ext_report Improper discarding in adv_ext_report

CVE-2024-6137 HIGH 11 months, 4 weeks ago

BT: Classic: SDP OOB access in get_att_search_list

CVE-2024-6135 HIGH 11 months, 4 weeks ago

BT:Classic: Multiple missing buf length checks

CVE-2024-5931 MEDIUM 11 months, 4 weeks ago

BT: Unchecked user input in bap_broadcast_assistant

CVE-2024-6258 MEDIUM 11 months, 4 weeks ago

BT: Missing length checks of net_buf in rfcomm_handle_data