Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
The RNDIS USB device class includes a buffer overflow vulnerability
Vulnerability Description
The RNDIS USB device class includes a buffer overflow vulnerability. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hvfp-w4h8-gxvj
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:H
Vulnerability Type
堆缓冲区溢出
Vulnerability Title
Zephyr 缓冲区错误漏洞
Vulnerability Description
Zephyr是美国Linux基金会的一套开源的小型的可缩放的实时操作系统。 Zephyr 中存在缓冲区错误漏洞,该漏洞源于产品的usb设备未能正确处理内存边界。攻击者可通过该漏洞导致缓冲区溢出。
CVSS Information
N/A
Vulnerability Type
N/A