📦 Zephyr
by Zephyrproject
🔍 What is Zephyr?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability in RISC-V systems with Global Pointer relative addressing enabled allows attackers to manipulate memory addressing, potentially leading to arbitrary code execution. It affects syste...
CVE-2021-3329 is a critical vulnerability in the Zephyr RTOS Bluetooth HCI Host stack initialization that lacks proper input validation, allowing attackers to crash the Bluetooth stack via crafted pac...
CVE-2021-3625 is a heap-based buffer overflow vulnerability in Zephyr RTOS's USB Device Firmware Upgrade (DFU) DNLOAD functionality. This allows attackers to execute arbitrary code or cause denial of ...
This vulnerability in Zephyr RTOS allows attackers to read memory beyond allocated bounds during DNS processing, potentially exposing sensitive data or causing crashes. It affects Zephyr versions >=1....
This CVE describes a parameter validation vulnerability in Zephyr RTOS where untrusted input is not properly sanitized before being used in internal operations. Attackers can exploit this to execute a...
This CVE describes a denial-of-service vulnerability in the DNS implementation that could cause an infinite loop when processing certain DNS responses. This affects systems running Zephyr RTOS with DN...
CVE-2025-1675 is an out-of-bounds read vulnerability in the dns_copy_qname function of Zephyr RTOS's DNS implementation. This allows attackers to read sensitive memory contents when processing malicio...
CVE-2025-1674 is an out-of-bounds read vulnerability in Zephyr RTOS caused by insufficient input validation of network packets. Attackers can exploit this to read sensitive memory contents or cause de...
CVE-2025-1673 is an out-of-bounds read vulnerability in Zephyr RTOS DNS handling that allows a malicious DNS packet without payload to cause denial of service or incorrect computation. This affects sy...
This vulnerability in Zephyr RTOS's HTTP server allows buffer overflow attacks due to improper input length validation when processing file extensions. Attackers can exploit this to execute arbitrary ...
This vulnerability allows attackers to cause a heap-based buffer overflow in Zephyr RTOS Bluetooth Object Transfer Service (OTS) client by sending malformed data. It affects devices running vulnerable...
This vulnerability in Zephyr RTOS's Bluetooth Host Controller Interface (HCI) allows improper discarding of advertising extension reports, potentially enabling attackers to cause denial of service or ...
This CVE describes a heap-based buffer overflow vulnerability in Zephyr RTOS Bluetooth Classic stack due to missing buffer length checks. Attackers can exploit this to execute arbitrary code or cause ...
This vulnerability in Zephyr RTOS Bluetooth stack allows attackers to bypass encryption procedures, potentially enabling unauthorized access to Bluetooth communications. It affects devices running vul...
This vulnerability in Zephyr RTOS Bluetooth stack allows attackers to crash devices via a division by zero error when processing malicious LL_CONNECTION_UPDATE_IND packets. It affects Bluetooth Low En...
This vulnerability in Zephyr OS allows IP packets with source or destination addresses of 127.0.0.1 (localhost) to be processed when arriving on external interfaces instead of being dropped. This affe...
CVE-2023-6881 is a buffer overflow vulnerability in the is_mount_point function in Zephyr RTOS. This vulnerability could allow attackers to execute arbitrary code or cause denial of service by exploit...
This vulnerability in Zephyr RTOS Bluetooth stack allows unauthorized read/write access to Bluetooth characteristics that should require LE Secure Connections encryption. Attackers can bypass security...
CVE-2023-6249 is an incorrect type conversion vulnerability in the Zephyr RTOS esp32_ipm_send function, where a signed integer is improperly converted to unsigned without bounds checking. This allows ...
CVE-2023-5055 is a stack-based buffer overflow vulnerability in the le_ecred_reconf_req function of Zephyr RTOS Bluetooth LE stack. This allows attackers to execute arbitrary code or cause denial of s...
A buffer overflow vulnerability exists in the Zephyr RTOS IEEE 802.15.4 nRF 15.4 driver, allowing attackers to execute arbitrary code or cause denial of service. This affects devices running Zephyr RT...
This vulnerability in the Zephyr RTOS SJA1000 CAN controller driver causes a fatal exception when attempting automatic bus-off recovery in interrupt context. It affects systems using Zephyr RTOS with ...
A buffer overflow vulnerability exists in the Zephyr RTOS CAN bus subsystem, allowing attackers to execute arbitrary code or cause denial of service. This affects embedded systems and IoT devices runn...
This CVE involves two signed-to-unsigned conversion errors and buffer overflow vulnerabilities in Zephyr RTOS IPM drivers. Successful exploitation could allow attackers to execute arbitrary code, cras...
CVE-2023-4264 is a buffer overflow vulnerability in the Zephyr RTOS Bluetooth subsystem that could allow attackers to execute arbitrary code or cause denial of service. This affects devices running Ze...
Two buffer overflow vulnerabilities in the Zephyr eS-WiFi driver allow attackers to execute arbitrary code or cause denial of service by sending specially crafted network packets. This affects systems...
This vulnerability allows an attacker to impersonate a legitimate device during Bluetooth mesh provisioning by replaying a previously captured public key. It affects Bluetooth mesh implementations tha...
This vulnerability allows an attacker to write data beyond the intended memory buffer during Bluetooth mesh provisioning in Zephyr, potentially leading to remote code execution or denial of service. I...
This CVE describes a heap-based buffer overflow vulnerability in the USB device class implementation in Zephyr RTOS. Attackers could exploit this to execute arbitrary code or cause denial of service o...
This CVE describes an integer underflow vulnerability in the 6LoWPAN IPHC header uncompression functionality in Zephyr RTOS. An attacker could exploit this to cause memory corruption, potentially lead...
This CVE describes an integer underflow vulnerability in Zephyr's IEEE 802.15.4 fragment reassembly header removal code. When exploited, it can lead to buffer overflow, potentially allowing remote cod...
This vulnerability in Zephyr's JSON decoder allows attackers to cause memory corruption by exploiting incorrect array-of-array decoding. It affects Zephyr RTOS users running vulnerable versions, poten...
This vulnerability allows attackers to execute arbitrary code or cause denial of service via improper input validation in IEEE 802.15.4 frame processing in Zephyr RTOS. It affects Zephyr versions >= v...
A heap-based buffer overflow vulnerability in Zephyr RTOS's eswifi SPI driver allows attackers to corrupt kernel memory by sending malformed SPI responses. This affects Zephyr versions 1.14.2+ and 2.3...
This vulnerability in the GNSS service allows an out-of-bounds write due to incorrect bounds checking. It enables local privilege escalation if an attacker already has System privilege, requiring no u...
This vulnerability in the GNSS service allows an attacker with System privilege to perform an out-of-bounds write, potentially leading to local privilege escalation. It affects devices using MediaTek ...
This vulnerability allows attackers to spoof BLE connection responses to devices running vulnerable Zephyr RTOS versions. By sending unsolicited connection responses with matching identifiers, attacke...
This CVE describes an out-of-bounds write vulnerability in DA (likely a MediaTek component) that could allow local privilege escalation. Attackers with physical access can exploit this without additio...
This vulnerability in Zephyr RTOS's UTF-8 string truncation function allows reading memory outside the intended buffer when processing empty strings. It affects systems running Zephyr RTOS with UTF-8 ...