Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HCI Connection Creation Dangling State Reference Re-use
Vulnerability Description
The bluetooth HCI host layer logic not clearing a global reference to a state pointer after handling connection events may allow a malicious HCI Controller to cause the use of a dangling reference in the host layer, leading to a crash (DoS) or potential RCE on the Host layer.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H
Vulnerability Type
N/A
Vulnerability Title
Zephyr 资源管理错误漏洞
Vulnerability Description
Zephyr是Zephyr Project开源的一个可扩展的实时操作系统 (RTOS)。 Zephyr 3.3及之前版本存在资源管理错误漏洞,该漏洞源于在处理连接事件后不清除对状态指针的全局引用,可能会允许恶意控制器导致在主机层中使用悬空引用,从而导致崩溃(DoS)。
CVSS Information
N/A
Vulnerability Type
N/A