In updatehub_probe, right after JSON parsing is complete, objects\ is accessed from the output structure in two different places. If the JSON contained less than two elements, this access would reference unitialized stack memory. This could result in a crash, denial of service, or possibly an information leak. Provided the fix in CVE-2020-10059 is applied, the attack requires compromise of the server. See NCC-ZEP-030 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions. version 2.2.0 and later versions.
|https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-37||Third Party Advisory|
|https://github.com/zephyrproject-rtos/zephyr/pull/27889||Patch Third Party Advisory|
|https://github.com/zephyrproject-rtos/zephyr/pull/27865||Patch Third Party Advisory|
|https://github.com/zephyrproject-rtos/zephyr/pull/27893||Patch Third Party Advisory|
|https://github.com/zephyrproject-rtos/zephyr/pull/27891||Patch Third Party Advisory|
Configuration 1 (hide)