Known Vulnerabilities for products from Zephyrproject
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Zephyrproject".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-4179 json | Issues in stm32 USB device driver (drivers/usb/device/usb_dc_stm32.c) can lead to an infinite while loop. | Not Provided | 2026-03-16 | 2026-04-02 |
| CVE-2026-1679 json | The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversize... | Not Provided | 2026-03-28 | 2026-03-31 |
| CVE-2026-0849 json | Malformed ATAES132A responses with an oversized length field overflow a 52-byte stack buffer in the Zephyr crypto driver, all... | Not Provided | 2026-03-16 | 2026-04-02 |
| CVE-2023-5753 json | Potential buffer overflows in the Bluetooth subsystem due to asserts being disabled in /subsys/bluetooth/host/hci_core.c | 8.8 - HIGH | 2023-10-25 | 2023-11-14 |
| CVE-2023-5563 json | The SJA1000 CAN controller driver backend automatically attempt to recover from a bus-off event when built with CONFIG_CAN_AU... | 7.5 - HIGH | 2023-10-13 | 2023-10-18 |
| CVE-2023-5184 json | Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Ze... | 8.8 - HIGH | 2023-09-27 | 2023-11-14 |
| CVE-2023-5139 json | Potential buffer overflow vulnerability at the following location in the Zephyr STM32 Crypto driver | 7.8 - HIGH | 2023-10-26 | 2023-11-14 |
| CVE-2023-5055 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2023-11-21 | 2023-12-01 |
| CVE-2023-4265 json | Potential buffer overflow vulnerabilities in the following locations: https://github.com/zephyrproject-rtos/zephyr/blob/main... | 6.8 - MEDIUM | 2023-08-12 | 2023-11-14 |
| CVE-2023-4264 json | Potential buffer overflow vulnerabilities n the Zephyr Bluetooth subsystem. | 9.6 - CRITICAL | 2023-09-27 | 2023-11-14 |
| CVE-2023-4263 json | Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nRF 15.4 driver | 8.8 - HIGH | 2023-10-13 | 2023-11-14 |
| CVE-2023-4262 json | Possible buffer overflow in Zephyr mgmt subsystem when asserts are disabled | 10 - CRITICAL | 2023-09-27 | 2023-11-14 |
| CVE-2023-4260 json | Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system. | 10 - CRITICAL | 2023-09-27 | 2023-11-14 |
| CVE-2023-4259 json | Two potential buffer overflow vulnerabilities at the following locations in the Zephyr eS-WiFi driver source code. | 8.8 - HIGH | 2023-09-26 | 2023-11-14 |
| CVE-2023-4258 json | In Bluetooth mesh implementation If provisionee has a public key that is sent OOB then during provisioning it can be sent bac... | 6.5 - MEDIUM | 2023-09-25 | 2023-09-26 |
| CVE-2023-4257 json | Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows. | 9.8 - CRITICAL | 2023-10-13 | 2023-11-14 |
| CVE-2023-3725 json | Potential buffer overflow vulnerability in the Zephyr CAN bus subsystem | 9.8 - CRITICAL | 2023-10-06 | 2023-11-14 |
| CVE-2023-2234 json | Union variant confusion allows any malicious BT controller to execute arbitrary code on the Zephyr host. | 8.8 - HIGH | 2023-07-10 | 2023-08-28 |
| CVE-2023-1902 json | The bluetooth HCI host layer logic not clearing a global reference to a state pointer after handling connection events may al... | 8 - HIGH | 2023-07-10 | 2023-07-17 |
| CVE-2023-1901 json | The bluetooth HCI host layer logic not clearing a global reference to a semaphore after synchronously sending HCI commands ma... | 8 - HIGH | 2023-07-10 | 2023-07-14 |