Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Incorrect Error Handling in Bluetooth HCI core
Vulnerability Description
Incorrect Error Handling in Bluetooth HCI core. Zephyr versions >= v1.14.2, >= v2.2.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gc66-xfrc-24qr
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
Vulnerability Type
空指针解引用
Vulnerability Title
Zephyr 代码问题漏洞
Vulnerability Description
Zephyr是美国Linux基金会的一套开源的小型的可缩放的实时操作系统。 Zephyr >= v1.14.2和>= v2.2.0版本存在代码问题漏洞,该漏洞源于蓝牙HCI核心中的错误处理。在hci_cmd_done中,将buf参数作为null传递会导致对nullpointer的取消引用。
CVSS Information
N/A
Vulnerability Type
N/A