CVE-2020-10068 Information

Feb 14, 2021 cve

Description

In the Zephyr project Bluetooth subsystem certain duplicate and back-to-back packets can cause incorrect behavior resulting in a denial of service. This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions and version 1.14.0 and later versions.

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://docs.zephyrproject.org/latest/security/vulnerabilities.htmlcve-2020-10068 https://github.com/zephyrproject-rtos/zephyr/pull/23091 https://github.com/zephyrproject-rtos/zephyr/pull/23707 https://github.com/zephyrproject-rtos/zephyr/pull/23708 https://github.com/zephyrproject-rtos/zephyr/pull/23964 https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-78

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

6.5

Share on: