CVE-2024-6443 | zephyrproject-rtos Zephyr up to 3.6 zephyr/lib/utils/utf8.c utf8_trunc last_byte_p out-of-bounds (GHSA-gg46-3rh2-v765)

Inserito da Angelo Barbosa | Ott 4, 2024 | CVE

A vulnerability was found in zephyrproject-rtos Zephyr up to 3.6. It has been declared as critical. Affected by this vulnerability is the function utf8_trunc in the library zephyr/lib/utils/utf8.c. The manipulation of the argument last_byte_p leads to out-of-bounds read.

This vulnerability is known as CVE-2024-6443. The attack needs to be done within the local network. There is no exploit available.

CVE-2024-6443 | zephyrproject-rtos Zephyr up to 3.6 zephyr/lib/utils/utf8.c utf8_trunc last_byte_p out-of-bounds (GHSA-gg46-3rh2-v765)

Post correlati

CVE-2024-26665 | Linux Kernel up to 5.10.209/5.15.148/6.1.77/6.6.16/6.7.4 ICMPv6 do_csum out-of-bounds

CVE-2024-28200 | N-able N-central 2023.4/2023.6 User Interface authentication bypass

CVE-2023-52363 | Huawei HarmonyOS/EMUI Control Panel Module Privilege Escalation

CVE-2024-27572 | LBT T300-T390 2.2.1.8 HTTP POST Request updateCurAPlist ApCliSsid stack-based overflow