Filtered by vendor Zephyrproject-rtos Subscriptions
Filtered by product Zephyr Subscriptions
Total 7 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-1638 2 Zephyrproject, Zephyrproject-rtos 2 Zephyr, Zephyr 2025-04-24 8.2 High
The documentation specifies that the BT_GATT_PERM_READ_LESC and BT_GATT_PERM_WRITE_LESC defines for a Bluetooth characteristic: Attribute read/write permission with LE Secure Connection encryption. If set, requires that LE Secure Connections is used for read/write access, however this is only true when it is combined with other permissions, namely BT_GATT_PERM_READ_ENCRYPT/BT_GATT_PERM_READ_AUTHEN (for read) or BT_GATT_PERM_WRITE_ENCRYPT/BT_GATT_PERM_WRITE_AUTHEN (for write), if these additional permissions are not set (even in secure connections only mode) then the stack does not perform any permission checks on these characteristics and they can be freely written/read.
CVE-2024-11263 2 Zephyrproject, Zephyrproject-rtos 2 Zephyr, Zephyr 2025-02-03 9.4 Critical
When the Global Pointer (GP) relative addressing is enabled (CONFIG_RISCV_GP=y), the gp reg points at 0x800 bytes past the start of the .sdata section which is then used by the linker to relax accesses to global symbols.
CVE-2024-6259 2 Zephyrproject, Zephyrproject-rtos 2 Zephyr, Zephyr 2024-09-25 7.6 High
BT: HCI: adv_ext_report Improper discarding in adv_ext_report
CVE-2024-6258 2 Zephyrproject, Zephyrproject-rtos 2 Zephyr, Zephyr 2024-09-19 6.8 Medium
BT: Missing length checks of net_buf in rfcomm_handle_data
CVE-2024-5931 2 Zephyrproject, Zephyrproject-rtos 2 Zephyr, Zephyr 2024-09-19 6.3 Medium
BT: Unchecked user input in bap_broadcast_assistant
CVE-2024-6135 2 Zephyrproject, Zephyrproject-rtos 2 Zephyr, Zephyr 2024-09-19 7.6 High
BT:Classic: Multiple missing buf length checks
CVE-2024-6137 2 Zephyrproject, Zephyrproject-rtos 2 Zephyr, Zephyr 2024-09-19 7.6 High
BT: Classic: SDP OOB access in get_att_search_list