CVE-2021-3436

BT: Possible to overwrite an existing bond during keys distribution phase when the identity address of the bond is known. Zephyr versions >= 1.14.2, >= 2.4.0, >= 2.5.0 contain Use of Multiple Resources with Duplicate Identifier (CWE-694). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j76f-35mc-4h63
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:zephyrproject:zephyr:1.14.2:*:*:*:*:*:*:*
cpe:2.3:o:zephyrproject:zephyr:2.4.0:*:*:*:*:*:*:*
cpe:2.3:o:zephyrproject:zephyr:2.5.0:*:*:*:*:*:*:*

Information

Published : 2021-10-05 21:15

Updated : 2021-10-13 12:39


NVD link : CVE-2021-3436

Mitre link : CVE-2021-3436


JSON object : View

Products Affected

zephyrproject

  • zephyr