CNNVD-202509-3056 Information

CNNVD ID

CNNVD-202509-3056

Related CVE

CVE-2025-10457

• CNNVD Published: 2025-09-19

Description (Chinese)

Zephyr是Zephyr开源的一个可扩展的实时操作系统 (RTOS)。 Zephyr存在安全漏洞，该漏洞源于BLE连接响应处理函数未验证响应是否预期，仅依赖标识符匹配。

Description (English)

Zephyr is an extended real-time operating system (RTOS) from Zephyr open source. Zephyr has a security loophole, which results from the BLE Connection Response Processing function, which does not verify whether the response is expected and relies only on the identifier matching.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Zephyr

Published

2025-09-19

Last Modified

2026-02-24

References

https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xqj6-vh76-2vv8 https://access.redhat.com/security/cve/cve-2025-10457