First published: Tue May 25 2021(Updated: )
Improper Input Frame Validation in ieee802154 Processing. Zephyr versions >= v1.14.2, >= v2.2.0 contain Stack-based Buffer Overflow (CWE-121), Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3gvq-h42f-v3c7
Credit: vulnerabilities@zephyrproject.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zephyrproject Zephyr | <=1.14.2 | |
Zephyrproject Zephyr | >=2.0.0<=2.2.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-10064 refers to a vulnerability that exists in Zephyr versions >= v1.14.2 and >= v2.2.0, which can lead to stack-based and heap-based buffer overflow.
CVE-2020-10064 has a severity level of 9.8 (critical).
CVE-2020-10064 affects Zephyr versions >= v1.14.2 and >= v2.2.0. It introduces stack-based and heap-based buffer overflow vulnerabilities.
CVE-2020-10064 is associated with CWE-121 (Stack-based Buffer Overflow) and CWE-122 (Heap-based Buffer Overflow).
For more information about CVE-2020-10064, you can visit the advisory page at http://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3gvq-h42f-v3c7