CVE-2020-13600
7
CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Summary
Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions >= 1.14.2, >= 2.3.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx4p-j86p-2mhr
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| zephyrproject-rtos | zephyr | 1.14.2 < unspecified | affected |
| zephyrproject-rtos | zephyr | 2.3.0 < unspecified | affected |
Weaknesses
- CWE-122: Heap-based Buffer Overflow (CWE-122)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.