Upgrade RHEL:8 virt-devel:rhel/netcf to version 0:0.2.8-12.module+el8.6.0+14480+c0a3aa0f or higher. This issue was patched in RHSA-2022:1759 .

https://github.com|zephyrproject-rtos/zephyr vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the https://github.com|zephyrproject-rtos/zephyr package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H Heap-based Buffer Overflow	[,3.7.1-rc1)
C Privilege Context Switching Error	[0,4.0.0]
M Out-of-bounds Write	[,3.7.0-rc2)
M Heap-based Buffer Overflow	[,3.7.0-rc2)
M Out-of-bounds Read	[,3.6.0)
H Heap-based Buffer Overflow	[,3.7.0-rc2)
H Out-of-bounds Write	[,3.7.0-rc3)
H Stack-based Buffer Overflow	[,3.7.0-rc1)
H Interpretation Conflict	[,3.7.0-rc1)
H Heap-based Buffer Overflow	[,3.7.0-rc2)
H Improper Input Validation	[,3.7.0-rc1)
M NULL Pointer Dereference	[,3.7.0-rc1)
M Buffer Over-read	[0,)
H Improper Check for Unusual or Exceptional Conditions	[,2.7.6)[3.0.0,3.6.0-rc1)
H Classic Buffer Overflow	[,3.6.0-rc1)
H Incorrect Permission Assignment for Critical Resource	[,3.6.0-rc3)
M Out-of-bounds Write	[,3.6.0-rc1)
H Stack-based Buffer Overflow	[,3.6.0-rc1)
H Incorrect Type Conversion or Cast	[,3.6.0-rc1)
H Integer Overflow or Wraparound	[,3.5.0-rc1)
H Stack-based Buffer Overflow	[,3.5.0-rc1)
M Buffer Overflow	[,3.5.0-rc2)
M Classic Buffer Overflow	[,3.5.0-rc1)
H Buffer Overflow	[,2.7.6)[3.0.0,3.5.0)
H Buffer Overflow	[,3.5.0)
H Improper Check or Handling of Exceptional Conditions	[,3.5.0)
H Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')	[,2.7.6)[3.0.0,3.5.0)
H Buffer Overflow	[,3.5.0)
M Buffer Overflow	[0,)
M Buffer Overflow	[,3.5.0)
H Buffer Overflow	[,3.5.0)
H Incorrect Provision of Specified Functionality	[,3.4)
H Buffer Overflow	[1.14,3.5.0)
M Buffer Overflow	[,3.4.0)
M Denial of Service (DoS)	[,3.4.0)
M Denial of Service (DoS)	[,3.4.0)
M Access of Resource Using Incompatible Type ('Type Confusion')	[,3.4.0)
M Denial of Service (DoS)	[,3.3.0)
M Denial of Service (DoS)	[,2.7.5)[3.0.0,3.3.0)
M Denial of Service (DoS)	[,3.0.0)
C Denial of Service (DoS)	[,2.7.4)[3.0.0,3.1.0)
L Buffer Overflow	[0,)
M Buffer Overflow	[0,)
M Information Exposure	[,3.0.0)
H Buffer Overflow	[,3.0.0)
H Improper Input Validation	[0,3.2.0)
H Denial of Service (DoS)	[,2.7.3)[3.0.0,3.2.0)
H Out-of-bounds Write	[,3.1.0)
H Out-of-bounds Write	[,3.1.0-rc1)
H Out-of-bounds Write	[,3.1.0-rc1)
M Denial of Service (DoS)	[,2.6.0)
M Division by zero	[,2.6.0)
M Buffer Overflow	[2.5.0,2.6.0)
M Improper Check or Handling of Exceptional Conditions	[2.5.0,2.6.0)
M Denial of Service (DoS)	[,2.6.0)
M Information Exposure	[,2.6.0)
C Out-of-Bounds	[1.9.0,1.11.0)
H Attempt to Access Child of a Non-structure Pointer	[1.14.0,2.7.0)
H Incorrect Comparison	[,2.2.0)
H Out-of-bounds Write	[,1.14.2)[2.1.0,2.2.0)
C Out-of-bounds Write	[,1.14.2][2.0.0,2.3.0)
M CVE-2020-10072	[,1.14.2][2.0.0,2.3.0)
M Improper Certificate Validation	[,2.3.0-rc1)
H Buffer Overflow	[2.5.0,2.6.0)
H Out-of-bounds Write	[,1.14.0)[2.0.0,2.2.0)
H Out-of-bounds Write	[,1.14.2][2.0.0,2.5.0)
H Incorrect Comparison	[,2.2.0)
L Insecure Default	[,1.14.2][2.0.0,2.5.0)
C Out-of-bounds Write	[2.5.0,2.7.0)
H Out-of-bounds Write	[,1.14.2][2.0.0,2.5.0)
C Buffer Overflow	[,2.3.0)
H NULL Pointer Dereference	[2.0.0,2.5.0)
C NULL Pointer Dereference	[0,)
H Out-of-Bounds	[,1.14.0)
M Buffer Overflow	[,2.2.0)
C Off-by-one Error	[,2.3.0)
M Use of Multiple Resources with Duplicate Identifier	[,1.14)[2.4.0,2.6.0)
H Integer Overflow or Wraparound	[,2.3.0)
H Use After Free	[,1.14.0)
M NULL Pointer Dereference	[2.4.0,2.5.0)
H Integer Overflow or Wraparound	[,2.2.0)
H Out-of-bounds Write	[,1.14.2][2.0.0,2.3.0)
C Buffer Overflow	[,2.3.0)
C Out-of-bounds Read	[,1.14.2][2.0.0,2.5.0)
H Buffer Overflow	[,1.14.2)[2.0.0,2.2.0)
M Access of Uninitialized Pointer	[2.1.0,2.4.0)
M Improper Input Validation	[,1.14.0)[2.0.0,2.2.0)
M Improper Input Validation	[,1.14.2][2.0.0,2.3.0)
M NULL Pointer Dereference	[,1.14.2][2.0.0,2.3.0)
C Buffer Overflow	[,2.3.0-rc1)
H Improper Input Validation	[,2.2.0)
M Denial of Service (DoS)	[,1.14.2][2.0.0,2.3.0)
H Improper Input Validation	[,2.2.0)
H Integer Overflow or Wraparound	[,1.14.2][2.0.0,2.3.0)

Vulnerability

Vulnerable Version

Heap-based Buffer Overflow

[,3.7.1-rc1)

Privilege Context Switching Error

[0,4.0.0]

Out-of-bounds Write

[,3.7.0-rc2)

Heap-based Buffer Overflow

[,3.7.0-rc2)

Out-of-bounds Read

[,3.6.0)