Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Shell Subsystem Contains a Buffer Overflow Vulnerability In shell_spaces_trim
Vulnerability Description
The shell subsystem contains a buffer overflow, whereby an adversary with physical access to the device is able to cause a memory corruption, resulting in denial of service or possibly code execution within the Zephyr kernel. See NCC-NCC-019 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.
CVSS Information
CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
Vulnerability Type
未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)
Vulnerability Title
Zephyr 缓冲区错误漏洞
Vulnerability Description
Zephyr是美国Linux基金会的一套开源的小型的可缩放的实时操作系统。 Zephyr 1.14.0及之后版本(1.14.2版本已修复)和2.1.0及之后版本(2.2.0版本已修复)中的shell子系统存在缓冲区错误漏洞。攻击者可利用该漏洞导致拒绝服务或执行代码(内存损坏)。
CVSS Information
N/A
Vulnerability Type
N/A