Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Truncated L2CAP K-frame causes assertion failure
Vulnerability Description
Truncated L2CAP K-frame causes assertion failure. Zephyr versions >= 2.4.0, >= v.2.50 contain Improper Handling of Length Parameter Inconsistency (CWE-130), Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx88-6c29-vrp3
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
长度参数不一致性处理不恰当
Vulnerability Title
Zephyr 安全漏洞
Vulnerability Description
Zephyr是美国Linux基金会的一套开源的小型的可缩放的实时操作系统。 Zephyr 2.4.0及更高版本,2.5.0及更高版本存在安全漏洞,该漏洞源于截断的L2CAP K帧导致断言失败。更多信息,请参见https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx88-6c29-vrp3。
CVSS Information
N/A
Vulnerability Type
N/A