CVE-2020-10023

Summary

The shell subsystem contains a buffer overflow, whereby an adversary with physical access to the device is able to cause a memory corruption, resulting in denial of service or possibly code execution within the Zephyr kernel. See NCC-NCC-019 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.

Affected Software

VendorProductVersion RangeStatus
zephyrproject-rtoszephyr1.14.0 < unspecifiedaffected
zephyrproject-rtoszephyr2.1.0 < unspecifiedaffected

Weaknesses

  • CWE-120: CWE-120 Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References