Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known
Vulnerability Description
BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known. Zephyr versions >= 1.14.2, >= 2.4.0, >= 2.5.0 contain Use of Multiple Resources with Duplicate Identifier (CWE-694). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j76f-35mc-4h63
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
使用多个具有重复标识的资源
Vulnerability Title
Zephyr 安全漏洞
Vulnerability Description
Zephyr是美国Linux基金会的一套开源的小型的可缩放的实时操作系统。 Zephyr 存在安全漏洞,该漏洞源于在密钥分发阶段,当已知密钥的身份地址时,可以覆盖现有的密钥。
CVSS Information
N/A
Vulnerability Type
N/A