Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveZephyrCVE-2021-3434
HistoryJun 28, 2022 - 8:15 p.m.

CVE-2021-3434

2022-06-2820:15:08
CWE-787
CWE-121
zephyr
web.nvd.nist.gov
40
9
cve-2021-3434
security advisory
buffer overflow
zephyr
nvd
cwe-121

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9

Confidence

High

EPSS

0.001

Percentile

36.4%

JSON

Stack based buffer overflow in le_ecred_conn_req(). Zephyr versions >= v2.5.0 Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8w87-6rfp-cfrm

Affected configurations

Nvd
Node
zephyrprojectzephyrRange2.5.02.6.0
VendorProductVersionCPE
zephyrprojectzephyr*cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "zephyr",
    "vendor": "zephyrproject-rtos",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "v2.5.0",
        "versionType": "custom"
      },
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "v2.6.0",
        "versionType": "custom"
      }
    ]
  }
]

Social References

More

Related

prion 2
cvelist 2
nvd 2
cve 1
prion
prion
Stack overflow
2022-06-28 20:15:00
Design/Logic Flaw
2023-11-21 18:15:00
cvelist
cvelist
CVE-2021-3434 L2CAP: Stack based buffer overflow in le_ecred_conn_req()
2022-06-28 19:45:39
CVE-2023-5055 L2CAP: Possible Stack based buffer overflow in le_ecred_reconf_req()
2023-11-21 18:05:10
nvd
nvd
CVE-2021-3434
2022-06-28 20:15:08
CVE-2023-5055
2023-11-21 18:15:09
cve
cve
CVE-2023-5055
2023-11-21 18:15:09

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9

Confidence

High

EPSS

0.001

Percentile

36.4%

JSON
Related for CVE-2021-3434
prion2cvelist2nvd2cve1