CVE-2024-4785 | zephyrproject-rtos Zephyr up to 3.6 LL_CONNECTION_UPDATE_IND Packet null pointer dereference (GHSA-xcr5-5g98-mchp)

Inserito da Angelo Barbosa | Ago 20, 2024 | CVE

A vulnerability was found in zephyrproject-rtos Zephyr up to 3.6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component LL_CONNECTION_UPDATE_IND Packet Handler. The manipulation leads to null pointer dereference.

This vulnerability is known as CVE-2024-4785. The attack needs to be approached within the local network. There is no exploit available.

CVE-2024-4785 | zephyrproject-rtos Zephyr up to 3.6 LL_CONNECTION_UPDATE_IND Packet null pointer dereference (GHSA-xcr5-5g98-mchp)

Post correlati

CVE-2024-29208 | Ubiquiti Update UniFi Connect EV Station password recovery

CVE-2024-31144 | Xen Backup/Restore injection (XSA-459)

CVE-2024-2690 | SourceCodester Online Discussion Forum Site 1.0 /uupdate.php ima unrestricted upload

CVE-2024-3803 | Vesystem Cloud Desktop up to 20240408 fileupload.php file unrestricted upload