SB2020051285 - Multiple vulnerabilities in rutantan zephyr

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020051285

SB2020051285 - Multiple vulnerabilities in rutantan zephyr

Published: May 12, 2020 Updated: August 9, 2020

Security Bulletin ID SB2020051285
Severity
High
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Adjecent network
Highest impact Code execution

Breakdown by Severity

High 33% Medium 33% Low 33%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2020-10061)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Improper handling of the full-buffer case in the Zephyr Bluetooth implementation can result in memory corruption. This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions, and version 1.14.0 and later versions.


2) Input validation error (CVE-ID: CVE-2020-10068)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

In the Zephyr project Bluetooth subsystem, certain duplicate and back-to-back packets can cause incorrect behavior, resulting in a denial of service. This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions, and version 1.14.0 and later versions.


3) Out-of-bounds write (CVE-ID: CVE-2020-10021)

The vulnerability allows a local authenticated user to execute arbitrary code.

Out-of-bounds Write in the USB Mass Storage memoryWrite handler with unaligned Sizes See NCC-ZEP-024, NCC-ZEP-025, NCC-ZEP-026 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version 2.1.0 and later versions.


Remediation

Install update from vendor's website.

References