CVE-2021-3861
8.2
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:H
Summary
The RNDIS USB device class includes a buffer overflow vulnerability. Zephyr versions >= v2.6.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hvfp-w4h8-gxvj
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| zephyrproject-rtos | zephyr | v2.6.0 < unspecified | affected |
Weaknesses
- CWE-122: Heap-based Buffer Overflow (CWE-122)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.