Lines Matching +full:split +full:- +full:security
14 CVE-2017
17 :cve:`2017-14199`
18 -----------------
22 - `Zephyr project bug tracker ZEPSEC-12
23 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-12>`_
25 - `PR6158 fix for 1.11.0
26 <https://github.com/zephyrproject-rtos/zephyr/pull/6158>`_
28 :cve:`2017-14201`
29 -----------------
40 - `Zephyr project bug tracker ZEPSEC-17
41 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-17>`_
43 - `PR13260 fix for v1.14.0
44 <https://github.com/zephyrproject-rtos/zephyr/pull/13260>`_
46 :cve:`2017-14202`
47 -----------------
59 - `Zephyr project bug tracker ZEPSEC-18
60 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-18>`_
62 - `PR13048 fix for v1.14.0
63 <https://github.com/zephyrproject-rtos/zephyr/pull/13048>`_
65 CVE-2019
68 :cve:`2019-9506`
69 ----------------
74 practical brute-force attacks (aka "KNOB") that can decrypt traffic
77 - `Zephyr project bug tracker ZEPSEC-20
78 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-20>`_
80 - `PR18702 fix for v1.14.0
81 <https://github.com/zephyrproject-rtos/zephyr/pull/18702>`_
83 - `PR18659 fix for v2.0.0
84 <https://github.com/zephyrproject-rtos/zephyr/pull/18659>`_
86 CVE-2020
89 :cve:`2020-10019`
90 -----------------
97 - `Zephyr project bug tracker ZEPSEC-25
98 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-25>`_
100 - `PR23460 fix for 1.14.x
101 <https://github.com/zephyrproject-rtos/zephyr/pull/23460>`_
103 - `PR23457 fix for 2.1.x
104 <https://github.com/zephyrproject-rtos/zephyr/pull/23457>`_
106 - `PR23190 fix in 2.2.0
107 <https://github.com/zephyrproject-rtos/zephyr/pull/23190>`_
109 :cve:`2020-10021`
110 -----------------
112 Out-of-bounds write in USB Mass Storage with unaligned sizes
114 Out-of-bounds Write in the USB Mass Storage memoryWrite handler with
117 See NCC-ZEP-024, NCC-ZEP-025, NCC-ZEP-026
121 - `Zephyr project bug tracker ZEPSEC-26
122 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-26>`_
124 - `PR23455 fix for v1.14.2
125 <https://github.com/zephyrproject-rtos/zephyr/pull/23455>`_
127 - `PR23456 fix for the v2.1 branch
128 <https://github.com/zephyrproject-rtos/zephyr/pull/23456>`_
130 - `PR23240 fix for v2.2.0
131 <https://github.com/zephyrproject-rtos/zephyr/pull/23240>`_
133 :cve:`2020-10022`
134 -----------------
136 UpdateHub Module Copies a Variable-Size Hash String Into a Fixed-Size Array
143 See NCC-ZEP-016
148 - `Zephyr project bug tracker ZEPSEC-28
149 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-28>`_
151 - `PR24154 fix for main
152 <https://github.com/zephyrproject-rtos/zephyr/pull/24154>`_
154 - `PR24065 fix for branch from v2.1.0
155 <https://github.com/zephyrproject-rtos/zephyr/pull/24065>`_
157 - `PR24066 fix for branch from v2.2.0
158 <https://github.com/zephyrproject-rtos/zephyr/pull/24066>`_
160 :cve:`2020-10023`
161 -----------------
171 See NCC-ZEP-019
176 - `Zephyr project bug tracker ZEPSEC-29
177 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-29>`_
179 - `PR23646 fix for v1.14.2
180 <https://github.com/zephyrproject-rtos/zephyr/pull/23646>`_
182 - `PR23649 fix for branch from v2.1.0
183 <https://github.com/zephyrproject-rtos/zephyr/pull/23649>`_
185 - `PR23304 fix for v2.2.0
186 <https://github.com/zephyrproject-rtos/zephyr/pull/23304>`_
188 :cve:`2020-10024`
189 -----------------
194 The arm platform-specific code uses a signed integer comparison when
199 See NCC-ZEP-001
204 - `Zephyr project bug tracker ZEPSEC-30
205 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-30>`_
207 - `PR23535 fix for v1.14.2
208 <https://github.com/zephyrproject-rtos/zephyr/pull/23535>`_
210 - `PR23498 fix for branch from v2.1.0
211 <https://github.com/zephyrproject-rtos/zephyr/pull/23498>`_
213 - `PR23323 fix for v2.2.0
214 <https://github.com/zephyrproject-rtos/zephyr/pull/23323>`_
216 :cve:`2020-10027`
217 -----------------
225 See NCC-ZEP-001
230 - `Zephyr project bug tracker ZEPSEC-35
231 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-35>`_
233 - `PR23500 fix for v1.14.2
234 <https://github.com/zephyrproject-rtos/zephyr/pull/23500>`_
236 - `PR23499 fix for branch from v2.1.0
237 <https://github.com/zephyrproject-rtos/zephyr/pull/23499>`_
239 - `PR23328 fix for v2.2.0
240 <https://github.com/zephyrproject-rtos/zephyr/pull/23328>`_
242 :cve:`2020-10028`
243 -----------------
249 See NCC-ZEP-006
254 - `Zephyr project bug tracker ZEPSEC-32
255 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-32>`_
257 - `PR23733 fix for v1.14.2
258 <https://github.com/zephyrproject-rtos/zephyr/pull/23733>`_
260 - `PR23737 fix for branch from v2.1.0
261 <https://github.com/zephyrproject-rtos/zephyr/pull/23737>`_
263 - `PR23308 fix for v2.2.0 (gpio patch)
264 <https://github.com/zephyrproject-rtos/zephyr/pull/23308>`_
266 :cve:`2020-10058`
267 -----------------
275 See NCC-ZEP-006
279 - `Zephyr project bug tracker ZEPSEC-34
280 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-34>`_
282 - `PR23748 fix for branch from v2.1.0
283 <https://github.com/zephyrproject-rtos/zephyr/pull/23748>`_
285 - `PR23308 fix for v2.2.0 (kscan patch)
286 <https://github.com/zephyrproject-rtos/zephyr/pull/23308>`_
288 :cve:`2020-10059`
289 -----------------
298 See NCC-ZEP-018
302 - `Zephyr project bug tracker ZEPSEC-36
303 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-36>`_
305 - `PR24954 fix on main (to be fixed in v2.3.0)
306 <https://github.com/zephyrproject-rtos/zephyr/pull/24954>`_
308 - `PR24954 fix v2.1.0
309 <https://github.com/zephyrproject-rtos/zephyr/pull/24999>`_
311 - `PR24954 fix v2.2.0
312 <https://github.com/zephyrproject-rtos/zephyr/pull/24997>`_
314 :cve:`2020-10060`
315 -----------------
328 See NCC-ZEP-030
332 - `Zephyr project bug tracker ZEPSEC-37
333 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-37>`_
335 - `PR27865 fix on main (to be fixed in v2.4.0)
336 <https://github.com/zephyrproject-rtos/zephyr/pull/27865>`_
338 - `PR27865 fix for v2.3.0
339 <https://github.com/zephyrproject-rtos/zephyr/pull/27889>`_
341 - `PR27865 fix for v2.2.0
342 <https://github.com/zephyrproject-rtos/zephyr/pull/27891>`_
344 - `PR27865 fix for v2.1.0
345 <https://github.com/zephyrproject-rtos/zephyr/pull/27893>`_
347 :cve:`2020-10061`
348 -----------------
352 Improper handling of the full-buffer case in the Zephyr Bluetooth
358 - `Zephyr project bug tracker ZEPSEC-75
359 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-75>`_
361 - `PR23516 fix for v2.3 (split driver)
362 <https://github.com/zephyrproject-rtos/zephyr/pull/23516>`_
364 - `PR23517 fix for v2.3 (legacy driver)
365 <https://github.com/zephyrproject-rtos/zephyr/pull/23517>`_
367 - `PR23091 fix for branch from v1.14.0
368 <https://github.com/zephyrproject-rtos/zephyr/pull/23091>`_
370 - `PR23547 fix for branch from v2.2.0
371 <https://github.com/zephyrproject-rtos/zephyr/pull/23547>`_
373 :cve:`2020-10062`
374 -----------------
378 CVE: An off-by-one error in the Zephyr project MQTT packet length
380 execution. NCC-ZEP-031
382 The MQTT packet header length can be 1 to 4 bytes. An off-by-one error
388 - `Zephyr project bug tracker ZEPSEC-84
389 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-84>`_
391 - `commit 11b7a37d for v2.3
392 …<https://github.com/zephyrproject-rtos/zephyr/pull/23821/commits/11b7a37d9a0b438270421b224221d9192…
394 - `NCC-ZEP report`_ (NCC-ZEP-031)
396 .. _NCC-ZEP report: https://research.nccgroup.com/2020/05/26/research-report-zephyr-and-mcuboot-sec…
398 :cve:`2020-10063`
399 -----------------
409 - `Zephyr project bug tracker ZEPSEC-55
410 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-55>`_
412 - `PR24435 fix in main for v2.3
413 <https://github.com/zephyrproject-rtos/zephyr/pull/24435>`_
415 - `PR24531 fix for branch from v2.2
416 <https://github.com/zephyrproject-rtos/zephyr/pull/24531>`_
418 - `PR24535 fix for branch from v2.1
419 <https://github.com/zephyrproject-rtos/zephyr/pull/24535>`_
421 - `PR24530 fix for branch from v1.14
422 <https://github.com/zephyrproject-rtos/zephyr/pull/24530>`_
424 - `NCC-ZEP report`_ (NCC-ZEP-032)
426 :cve:`2020-10064`
427 -----------------
431 - `Zephyr project bug tracker ZEPSEC-65
432 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-65>`_
434 - `PR24971 fix for v2.4
435 <https://github.com/zephyrproject-rtos/zephyr/pull/24971>`_
437 - `PR33451 fix for v1.4
438 <https://github.com/zephyrproject-rtos/zephyr/pull/33451>`_
440 :cve:`2020-10065`
441 -----------------
443 OOB Write after not validating user-supplied length (<= 0xffff) and
444 copying to fixed-size buffer (default: 77 bytes) for HCI_ACL packets in
447 - `Zephyr project bug tracker ZEPSEC-66
448 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-66>`_
450 - This issue has not been fixed.
452 :cve:`2020-10066`
453 -----------------
460 - `Zephyr project bug tracker ZEPSEC-67
461 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-67>`_
463 - `PR24902 fix for v2.4
464 <https://github.com/zephyrproject-rtos/zephyr/pull/24902>`_
466 - `PR25089 fix for v1.4
467 <https://github.com/zephyrproject-rtos/zephyr/pull/25089>`_
469 :cve:`2020-10067`
470 -----------------
475 bypass security checks performed by system call handlers. The impact
480 See NCC-ZEP-005
484 - `Zephyr project bug tracker ZEPSEC-27
485 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-27>`_
487 - `PR23653 fix for v1.14.2
488 <https://github.com/zephyrproject-rtos/zephyr/pull/23653>`_
490 - `PR23654 fix for the v2.1 branch
491 <https://github.com/zephyrproject-rtos/zephyr/pull/23654>`_
493 - `PR23239 fix for v2.2.0
494 <https://github.com/zephyrproject-rtos/zephyr/pull/23239>`_
496 :cve:`2020-10068`
497 -----------------
502 back-to-back packets can cause incorrect behavior, resulting in a
508 - `Zephyr project bug tracker ZEPSEC-78
509 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-78>`_
511 - `PR23707 fix for v2.3 (split driver)
512 <https://github.com/zephyrproject-rtos/zephyr/pull/23707>`_
514 - `PR23708 fix for v2.3 (legacy driver)
515 <https://github.com/zephyrproject-rtos/zephyr/pull/23708>`_
517 - `PR23091 fix for branch from v1.14.0
518 <https://github.com/zephyrproject-rtos/zephyr/pull/23091>`_
520 - `PR23964 fix for v2.2.0
521 <https://github.com/zephyrproject-rtos/zephyr/pull/23964>`_
523 :cve:`2020-10069`
524 -----------------
534 - `Zephyr project bug tracker ZEPSEC-81
535 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-81>`_
537 - `PR23705 fix for v2.3 (split driver)
538 <https://github.com/zephyrproject-rtos/zephyr/pull/23705>`_
540 - `PR23706 fix for v2.3 (legacy driver)
541 <https://github.com/zephyrproject-rtos/zephyr/pull/23706>`_
543 - `PR23091 fix for branch from v1.14.0
544 <https://github.com/zephyrproject-rtos/zephyr/pull/23091>`_
546 - `PR23963 fix for branch from v2.2.0
547 <https://github.com/zephyrproject-rtos/zephyr/pull/23963>`_
549 :cve:`2020-10070`
550 -----------------
555 in memory corruption and possibly remote code execution. NCC-ZEP-031
563 - `Zephyr project bug tracker ZEPSEC-85
564 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-85>`_
566 - `commit 0b39cbf3 for v2.3
567 …<https://github.com/zephyrproject-rtos/zephyr/pull/23821/commits/0b39cbf3c01d7feec9d0dd7cc7e0e374b…
569 - `NCC-ZEP report`_ (NCC-ZEP-031)
571 :cve:`2020-10071`
572 -----------------
578 potentially remote code execution. NCC-ZEP-031
582 - `Zephyr project bug tracker ZEPSEC-86
583 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-86>`_
585 - `commit 989c4713 fix for v2.3
586 …<https://github.com/zephyrproject-rtos/zephyr/pull/23821/commits/989c4713ba429aa5105fe476b4d629718…
588 - `NCC-ZEP report`_ (NCC-ZEP-031)
590 :cve:`2020-10072`
591 -----------------
600 - `Zephyr project bug tracker ZEPSEC-87
601 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-87>`_
603 - `PR25804 fix for v2.4
604 <https://github.com/zephyrproject-rtos/zephyr/pull/25804>`_
606 - `PR27176 fix for v1.4
607 <https://github.com/zephyrproject-rtos/zephyr/pull/27176>`_
609 :cve:`2020-10136`
610 -----------------
612 IP-in-IP protocol routes arbitrary traffic by default zephyrproject
614 - `Zephyr project bug tracker ZEPSEC-64
615 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-64>`_
617 :cve:`2020-13598`
618 -----------------
625 - `Zephyr project bug tracker ZEPSEC-88
626 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-88>`_
628 - `PR25852 fix for v2.4
629 <https://github.com/zephyrproject-rtos/zephyr/pull/25852>`_
631 - `PR28782 fix for v2.3
632 <https://github.com/zephyrproject-rtos/zephyr/pull/28782>`_
634 - `PR33577 fix for v1.4
635 <https://github.com/zephyrproject-rtos/zephyr/pull/33577>`_
637 :cve:`2020-13599`
638 -----------------
640 Security problem with settings and littlefs
642 When settings is used in combination with littlefs all security
644 this could be used e.g in bt-mesh to get the device key, network key,
647 - `Zephyr project bug tracker ZEPSEC-57
648 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-57>`_
650 - `PR26083 fix for v2.4
651 <https://github.com/zephyrproject-rtos/zephyr/pull/26083>`_
653 :cve:`2020-13600`
654 -----------------
659 - `Zephyr project bug tracker ZEPSEC-91
660 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-91>`_
662 - `PR26712 fix for v2.4
663 <https://github.com/zephyrproject-rtos/zephyr/pull/26712>`_
665 :cve:`2020-13601`
666 -----------------
670 - `Zephyr project bug tracker ZEPSEC-92
671 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-92>`_
673 - `PR27774 fix for v2.4
674 <https://github.com/zephyrproject-rtos/zephyr/pull/27774>`_
676 - `PR30503 fix for v1.4
677 <https://github.com/zephyrproject-rtos/zephyr/pull/30503>`_
679 :cve:`2020-13602`
680 -----------------
687 - `Zephyr project bug tracker ZEPSEC-56
688 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-56>`_
690 - `PR26571 fix for v2.4
691 <https://github.com/zephyrproject-rtos/zephyr/pull/26571>`_
693 - `PR33578 fix for v1.4
694 <https://github.com/zephyrproject-rtos/zephyr/pull/33578>`_
696 :cve:`2020-13603`
697 -----------------
701 * Zephyr offers pre-built 'malloc' wrapper function instead.
704 * Asking for very large size values leads to internal integer wrap-around.
705 * Integer wrap-around leads to successful allocation of very small memory.
709 - `Zephyr project bug tracker ZEPSEC-111
710 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-111>`_
712 - `PR31796 fix for v2.4
713 <https://github.com/zephyrproject-rtos/zephyr/pull/31796>`_
715 - `PR32808 fix for v1.4
716 <https://github.com/zephyrproject-rtos/zephyr/pull/26571>`_
718 CVE-2021
721 :cve:`2021-3319`
722 ----------------
731 - `Zephyr project bug tracker GHSA-94jg-2p6q-5364
732 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94jg-2p6q-5364>`_
734 - `PR31908 fix for main
735 <https://github.com/zephyrproject-rtos/zephyr/pull/31908>`_
737 :cve:`2021-3320`
738 ----------------
743 - `PR31908 fix for main
744 <https://github.com/zephyrproject-rtos/zephyr/pull/31908>`_
746 :cve:`2021-3321`
747 ----------------
752 - `Zephyr project bug tracker ZEPSEC-114
753 <https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-114>`_
755 - `PR33453 fix for v2.4
756 <https://github.com/zephyrproject-rtos/zephyr/pull/33453>`_
758 :cve:`2021-3323`
759 ----------------
765 - `Zephyr project bug tracker GHSA-89j6-qpxf-pfpc
766 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-89j6-qpxf-pfpc>`_
768 - `PR 31971 fix for main
769 <https://github.com/zephyrproject-rtos/zephyr/pull/31971>`_
771 :cve:`2021-3430`
772 ----------------
778 - `Zephyr project bug tracker GHSA-46h3-hjcq-2jjr
779 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr>`_
781 - `PR 33272 fix for main
782 <https://github.com/zephyrproject-rtos/zephyr/pull/33272>`_
784 - `PR 33369 fix for 2.5
785 <https://github.com/zephyrproject-rtos/zephyr/pull/33369>`_
787 - `PR 33759 fix for 1.14.2
788 <https://github.com/zephyrproject-rtos/zephyr/pull/33759>`_
790 :cve:`2021-3431`
791 ----------------
797 - `Zephyr project bug tracker GHSA-7548-5m6f-mqv9
798 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7548-5m6f-mqv9>`_
800 - `PR 33340 fix for main
801 <https://github.com/zephyrproject-rtos/zephyr/pull/33340>`_
803 - `PR 33369 fix for 2.5
804 <https://github.com/zephyrproject-rtos/zephyr/pull/33369>`_
806 :cve:`2021-3432`
807 ----------------
813 - `Zephyr project bug tracker GHSA-7364-p4wc-8mj4
814 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7364-p4wc-8mj4>`_
816 - `PR 33278 fix for main
817 <https://github.com/zephyrproject-rtos/zephyr/pull/33278>`_
819 - `PR 33369 fix for 2.5
820 <https://github.com/zephyrproject-rtos/zephyr/pull/33369>`_
822 :cve:`2021-3433`
823 ----------------
829 - `Zephyr project bug tracker GHSA-3c2f-w4v6-qxrp
830 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3c2f-w4v6-qxrp>`_
832 - `PR 33278 fix for main
833 <https://github.com/zephyrproject-rtos/zephyr/pull/33278>`_
835 - `PR 33369 fix for 2.5
836 <https://github.com/zephyrproject-rtos/zephyr/pull/33369>`_
838 :cve:`2021-3434`
839 ----------------
845 - `Zephyr project bug tracker GHSA-8w87-6rfp-cfrm
846 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8w87-6rfp-cfrm>`_
848 - `PR 33305 fix for main
849 <https://github.com/zephyrproject-rtos/zephyr/pull/33305>`_
851 - `PR 33419 fix for 2.5
852 <https://github.com/zephyrproject-rtos/zephyr/pull/33419>`_
854 - `PR 33418 fix for 1.14.2
855 <https://github.com/zephyrproject-rtos/zephyr/pull/33418>`_
857 :cve:`2021-3435`
858 ----------------
864 - `Zephyr project bug tracker GHSA-xhg3-gvj6-4rqh
865 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xhg3-gvj6-4rqh>`_
867 - `PR 33305 fix for main
868 <https://github.com/zephyrproject-rtos/zephyr/pull/33305>`_
870 - `PR 33419 fix for 2.5
871 <https://github.com/zephyrproject-rtos/zephyr/pull/33419>`_
873 - `PR 33418 fix for 1.14.2
874 <https://github.com/zephyrproject-rtos/zephyr/pull/33418>`_
876 :cve:`2021-3436`
877 ----------------
889 - `Zephyr project bug tracker GHSA-j76f-35mc-4h63
890 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j76f-35mc-4h63>`_
892 - `PR 33266 fix for main
893 <https://github.com/zephyrproject-rtos/zephyr/pull/33266>`_
895 - `PR 33432 fix for 2.5
896 <https://github.com/zephyrproject-rtos/zephyr/pull/33432>`_
898 - `PR 33433 fix for 2.4
899 <https://github.com/zephyrproject-rtos/zephyr/pull/33433>`_
901 - `PR 33718 fix for 1.14.2
902 <https://github.com/zephyrproject-rtos/zephyr/pull/33718>`_
904 :cve:`2021-3454`
905 ----------------
907 Truncated L2CAP K-frame causes assertion failure
909 For example, sending L2CAP K-frame where SDU length field is truncated
916 - `Zephyr project bug tracker GHSA-fx88-6c29-vrp3
917 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx88-6c29-vrp3>`_
919 - `PR 32588 fix for main
920 <https://github.com/zephyrproject-rtos/zephyr/pull/32588>`_
922 - `PR 33513 fix for 2.5
923 <https://github.com/zephyrproject-rtos/zephyr/pull/33513>`_
925 - `PR 33514 fix for 2.4
926 <https://github.com/zephyrproject-rtos/zephyr/pull/33514>`_
928 :cve:`2021-3455`
929 ----------------
939 - `Zephyr project bug tracker GHSA-7g38-3x9v-v7vp
940 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7g38-3x9v-v7vp>`_
942 - `PR 35597 fix for main
943 <https://github.com/zephyrproject-rtos/zephyr/pull/35597>`_
945 - `PR 36104 fix for 2.5
946 <https://github.com/zephyrproject-rtos/zephyr/pull/36104>`_
948 - `PR 36105 fix for 2.4
949 <https://github.com/zephyrproject-rtos/zephyr/pull/36105>`_
951 :cve:`2021-3510`
952 ----------------
958 union. arr_parse then takes the offset of the array-object (which has
964 - `Zephyr project bug tracker GHSA-289f-7mw3-2qf4
965 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-289f-7mw3-2qf4>`_
967 - `PR 36340 fix for main
968 <https://github.com/zephyrproject-rtos/zephyr/pull/36340>`_
970 - `PR 37816 fix for 2.6
971 <https://github.com/zephyrproject-rtos/zephyr/pull/37816>`_
973 :cve:`2021-3581`
974 ----------------
985 - `Zephyr project bug tracker GHSA-8q65-5gqf-fmw5
986 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8q65-5gqf-fmw5>`_
988 - `PR 35935 fix for main
989 <https://github.com/zephyrproject-rtos/zephyr/pull/35935>`_
991 - `PR 35984 fix for 2.5
992 <https://github.com/zephyrproject-rtos/zephyr/pull/35984>`_
994 - `PR 35985 fix for 2.4
995 <https://github.com/zephyrproject-rtos/zephyr/pull/35985>`_
997 - `PR 35985 fix for 1.14
998 <https://github.com/zephyrproject-rtos/zephyr/pull/35985>`_
1000 :cve:`2021-3625`
1001 ----------------
1007 - `Zephyr project bug tracker GHSA-c3gr-hgvr-f363
1008 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c3gr-hgvr-f363>`_
1010 - `PR 36694 fix for main
1011 <https://github.com/zephyrproject-rtos/zephyr/pull/36694>`_
1013 :cve:`2021-3835`
1014 ----------------
1020 - `Zephyr project bug tracker GHSA-fm6v-8625-99jf
1021 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fm6v-8625-99jf>`_
1023 - `PR 42093 fix for main
1024 <https://github.com/zephyrproject-rtos/zephyr/pull/42093>`_
1026 - `PR 42167 fix for 2.7
1027 <https://github.com/zephyrproject-rtos/zephyr/pull/42167>`_
1029 :cve:`2021-3861`
1030 ----------------
1036 - `Zephyr project bug tracker GHSA-hvfp-w4h8-gxvj
1037 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hvfp-w4h8-gxvj>`_
1039 - `PR 39725 fix for main
1040 <https://github.com/zephyrproject-rtos/zephyr/pull/39725>`_
1042 :cve:`2021-3966`
1043 ----------------
1049 - `Zephyr project bug tracker GHSA-hfxq-3w6x-fv2m
1050 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hfxq-3w6x-fv2m>`_
1052 - `PR 42093 fix for main
1053 <https://github.com/zephyrproject-rtos/zephyr/pull/42093>`_
1055 - `PR 42167 fix for v2.7.0
1056 <https://github.com/zephyrproject-rtos/zephyr/pull/42167>`_
1058 CVE-2022
1061 :cve:`2022-0553`
1062 ----------------
1068 - `Zephyr project bug tracker GHSA-wrj2-9vj9-rrcp
1069 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wrj2-9vj9-rrcp>`_
1071 - `PR 42424 fix for main
1072 <https://github.com/zephyrproject-rtos/zephyr/pull/42424>`_
1074 :cve:`2022-1041`
1075 ----------------
1077 Out-of-bound write vulnerability in the Bluetooth Mesh core stack can be triggered during provision…
1081 - `Zephyr project bug tracker GHSA-p449-9hv9-pj38
1082 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p449-9hv9-pj38>`_
1084 - `PR 45136 fix for main
1085 <https://github.com/zephyrproject-rtos/zephyr/pull/45136>`_
1087 - `PR 45188 fix for v3.0.0
1088 <https://github.com/zephyrproject-rtos/zephyr/pull/45188>`_
1090 - `PR 45187 fix for v2.7.0
1091 <https://github.com/zephyrproject-rtos/zephyr/pull/45187>`_
1093 :cve:`2022-1042`
1094 ----------------
1096 Out-of-bound write vulnerability in the Bluetooth Mesh core stack can be triggered during provision…
1100 - `Zephyr project bug tracker GHSA-j7v7-w73r-mm5x
1101 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j7v7-w73r-mm5x>`_
1103 - `PR 45066 fix for main
1104 <https://github.com/zephyrproject-rtos/zephyr/pull/45066>`_
1106 - `PR 45135 fix for v3.0.0
1107 <https://github.com/zephyrproject-rtos/zephyr/pull/45135>`_
1109 - `PR 45134 fix for v2.7.0
1110 <https://github.com/zephyrproject-rtos/zephyr/pull/45134>`_
1112 :cve:`2022-1841`
1113 ----------------
1115 Out-of-Bound Write in tcp_flags
1119 - `Zephyr project bug tracker GHSA-5c3j-p8cr-2pgh
1120 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-5c3j-p8cr-2pgh>`_
1122 - `PR 45796 fix for main
1123 <https://github.com/zephyrproject-rtos/zephyr/pull/45796>`_
1125 :cve:`2022-2741`
1126 ----------------
1128 can: denial-of-service can be triggered by a crafted CAN frame
1132 - `Zephyr project bug tracker GHSA-hx5v-j59q-c3j8
1133 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hx5v-j59q-c3j8>`_
1135 - `PR 47903 fix for main
1136 <https://github.com/zephyrproject-rtos/zephyr/pull/47903>`_
1138 - `PR 47957 fix for v3.1.0
1139 <https://github.com/zephyrproject-rtos/zephyr/pull/47957>`_
1141 - `PR 47958 fix for v3.0.0
1142 <https://github.com/zephyrproject-rtos/zephyr/pull/47958>`_
1144 - `PR 47959 fix for v2.7.0
1145 <https://github.com/zephyrproject-rtos/zephyr/pull/47959>`_
1147 :cve:`2022-2993`
1148 ----------------
1154 - `Zephyr project bug tracker GHSA-3286-jgjx-8cvr
1155 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3286-jgjx-8cvr>`_
1157 - `PR 48733 fix for main
1158 <https://github.com/zephyrproject-rtos/zephyr/pull/48733>`_
1160 :cve:`2022-3806`
1161 ----------------
1165 - `Zephyr project bug tracker GHSA-w525-fm68-ppq3
1166 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-w525-fm68-ppq3>`_
1168 CVE-2023
1171 :cve:`2023-0396`
1172 ----------------
1176 - `Zephyr project bug tracker GHSA-8rpp-6vxq-pqg3
1177 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8rpp-6vxq-pqg3>`_
1179 :cve:`2023-0397`
1180 ----------------
1184 - `Zephyr project bug tracker GHSA-wc2h-h868-q7hj
1185 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wc2h-h868-q7hj>`_
1189 - `PR 54905 fix for main
1190 <https://github.com/zephyrproject-rtos/zephyr/pull/54905>`_
1192 - `PR 47957 fix for v3.2.0
1193 <https://github.com/zephyrproject-rtos/zephyr/pull/55024>`_
1195 - `PR 47958 fix for v3.1.0
1196 <https://github.com/zephyrproject-rtos/zephyr/pull/55023>`_
1198 - `PR 47959 fix for v2.7.4
1199 <https://github.com/zephyrproject-rtos/zephyr/pull/55022>`_
1201 :cve:`2023-0779`
1202 ----------------
1206 - `Zephyr project bug tracker GHSA-9xj8-6989-r549
1207 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-9xj8-6989-r549>`_
1211 - `PR 54371 fix for main
1212 <https://github.com/zephyrproject-rtos/zephyr/pull/54371>`_
1214 - `PR 54380 fix for v3.2.0
1215 <https://github.com/zephyrproject-rtos/zephyr/pull/54380>`_
1217 - `PR 54381 fix for v2.7.4
1218 <https://github.com/zephyrproject-rtos/zephyr/pull/54381>`_
1220 :cve:`2023-1901`
1221 ----------------
1223 HCI send_sync Dangling Semaphore Reference Re-use
1225 - `Zephyr project bug tracker GHSA-xvvm-8mcm-9cq3
1226 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xvvm-8mcm-9cq3>`_
1230 - `PR 56709 fix for main
1231 <https://github.com/zephyrproject-rtos/zephyr/pull/56709>`_
1233 :cve:`2023-1902`
1234 ----------------
1236 HCI Connection Creation Dangling State Reference Re-use
1238 - `Zephyr project bug tracker GHSA-fx9g-8fr2-q899
1239 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fx9g-8fr2-q899>`_
1243 - `PR 56709 fix for main
1244 <https://github.com/zephyrproject-rtos/zephyr/pull/56709>`_
1246 :cve:`2023-3725`
1247 ----------------
1251 - `Zephyr project bug tracker GHSA-2g3m-p6c7-8rr3
1252 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-2g3m-p6c7-8rr3>`_
1256 - `PR 61502 fix for main
1257 <https://github.com/zephyrproject-rtos/zephyr/pull/61502>`_
1259 - `PR 61518 fix for 3.4
1260 <https://github.com/zephyrproject-rtos/zephyr/pull/61518>`_
1262 - `PR 61517 fix for 3.3
1263 <https://github.com/zephyrproject-rtos/zephyr/pull/61517>`_
1265 - `PR 61516 fix for 2.7
1266 <https://github.com/zephyrproject-rtos/zephyr/pull/61516>`_
1268 :cve:`2023-4257`
1269 ----------------
1274 - `Zephyr project bug tracker GHSA-853q-q69w-gf5j
1275 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-853q-q69w-gf5j>`_
1279 - `PR 605377 fix for main
1280 <https://github.com/zephyrproject-rtos/zephyr/pull/605377>`_
1282 - `PR 61383 fix for 3.4
1283 <https://github.com/zephyrproject-rtos/zephyr/pull/61383>`_
1285 :cve:`2023-4258`
1286 ----------------
1290 - `Zephyr project bug tracker GHSA-m34c-cp63-rwh7
1291 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-m34c-cp63-rwh7>`_
1295 - `PR 59467 fix for main
1296 <https://github.com/zephyrproject-rtos/zephyr/pull/59467>`_
1298 - `PR 60078 fix for 3.4
1299 <https://github.com/zephyrproject-rtos/zephyr/pull/60078>`_
1301 - `PR 60079 fix for 3.3
1302 <https://github.com/zephyrproject-rtos/zephyr/pull/60079>`_
1304 :cve:`2023-4259`
1305 ----------------
1307 Buffer overflow vulnerabilities in the Zephyr eS-WiFi driver
1309 - `Zephyr project bug tracker GHSA-gghm-c696-f4j4
1310 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gghm-c696-f4j4>`_
1314 - `PR 63074 fix for main
1315 <https://github.com/zephyrproject-rtos/zephyr/pull/63074>`_
1317 - `PR 63750 fix for main
1318 <https://github.com/zephyrproject-rtos/zephyr/pull/63750>`_
1320 :cve:`2023-4260`
1321 ----------------
1323 Off-by-one buffer overflow vulnerability in the Zephyr FS subsystem
1325 - `Zephyr project bug tracker GHSA-gj27-862r-55wh
1326 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gj27-862r-55wh>`_
1330 - `PR 63079 fix for main
1331 <https://github.com/zephyrproject-rtos/zephyr/pull/63079>`_
1333 :cve:`2023-4262`
1334 ----------------
1336 - This issue has been determined to be a false positive after further analysis.
1338 :cve:`2023-4263`
1339 ----------------
1343 - `Zephyr project bug tracker GHSA-rf6q-rhhp-pqhf
1344 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rf6q-rhhp-pqhf>`_
1348 - `PR 60528 fix for main
1349 <https://github.com/zephyrproject-rtos/zephyr/pull/60528>`_
1351 - `PR 61384 fix for 3.4
1352 <https://github.com/zephyrproject-rtos/zephyr/pull/61384>`_
1354 - `PR 61216 fix for 2.7
1355 <https://github.com/zephyrproject-rtos/zephyr/pull/61216>`_
1357 :cve:`2023-4264`
1358 ----------------
1362 - `Zephyr project bug tracker GHSA-rgx6-3w4j-gf5j
1363 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rgx6-3w4j-gf5j>`_
1367 - `PR 58834 fix for main
1368 <https://github.com/zephyrproject-rtos/zephyr/pull/58834>`_
1370 - `PR 60465 fix for main
1371 <https://github.com/zephyrproject-rtos/zephyr/pull/60465>`_
1373 - `PR 61845 fix for main
1374 <https://github.com/zephyrproject-rtos/zephyr/pull/61845>`_
1376 - `PR 61385 fix for 3.4
1377 <https://github.com/zephyrproject-rtos/zephyr/pull/61385>`_
1379 :cve:`2023-4265`
1380 ----------------
1384 - `Zephyr project bug tracker GHSA-4vgv-5r6q-r6xh
1385 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-4vgv-5r6q-r6xh>`_
1389 - `PR 59157 fix for main
1390 <https://github.com/zephyrproject-rtos/zephyr/pull/59157>`_
1391 - `PR 59018 fix for main
1392 <https://github.com/zephyrproject-rtos/zephyr/pull/59018>`_
1394 :cve:`2023-4424`
1395 ----------------
1399 - `Zephyr project bug tracker GHSA-j4qm-xgpf-qjw3
1400 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j4qm-xgpf-qjw3>`_
1404 - `PR 61651 fix for main
1405 <https://github.com/zephyrproject-rtos/zephyr/pull/61651>`_
1407 - `PR 61696 fix for 3.4
1408 <https://github.com/zephyrproject-rtos/zephyr/pull/61696>`_
1410 - `PR 61695 fix for 3.3
1411 <https://github.com/zephyrproject-rtos/zephyr/pull/61695>`_
1413 - `PR 61694 fix for 2.7
1414 <https://github.com/zephyrproject-rtos/zephyr/pull/61694>`_
1417 :cve:`2023-5055`
1418 ----------------
1422 - `Zephyr project bug tracker GHSA-wr8r-7f8x-24jj
1423 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wr8r-7f8x-24jj>`_
1427 - `PR 62381 fix for main
1428 <https://github.com/zephyrproject-rtos/zephyr/pull/62381>`_
1431 :cve:`2023-5139`
1432 ----------------
1436 - `Zephyr project bug tracker GHSA-rhrc-pcxp-4453
1437 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rhrc-pcxp-4453>`_
1441 - `PR 61839 fix for main
1442 <https://github.com/zephyrproject-rtos/zephyr/pull/61839>`_
1444 :cve:`2023-5184`
1445 ----------------
1450 - `Zephyr project bug tracker GHSA-8x3p-q3r5-xh9g
1451 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8x3p-q3r5-xh9g>`_
1455 - `PR 63069 fix for main
1456 <https://github.com/zephyrproject-rtos/zephyr/pull/63069>`_
1458 :cve:`2023-5563`
1459 ----------------
1462 from a bus-off event when built with CONFIG_CAN_AUTO_BUS_OFF_RECOVERY=y. This
1465 - `Zephyr project bug tracker GHSA-98mc-rj7w-7rpv
1466 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-98mc-rj7w-7rpv>`_
1470 - `PR 63713 fix for main
1471 <https://github.com/zephyrproject-rtos/zephyr/pull/63713>`_
1473 - `PR 63718 fix for 3.4
1474 <https://github.com/zephyrproject-rtos/zephyr/pull/63718>`_
1476 - `PR 63717 fix for 3.3
1477 <https://github.com/zephyrproject-rtos/zephyr/pull/63717>`_
1479 :cve:`2023-5753`
1480 ----------------
1485 - `Zephyr project bug tracker GHSA-hmpr-px56-rvww
1486 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hmpr-px56-rvww>`_
1490 - `PR 63605 fix for main
1491 <https://github.com/zephyrproject-rtos/zephyr/pull/63605>`_
1494 :cve:`2023-5779`
1495 ----------------
1499 - `Zephyr project bug tracker GHSA-7cmj-963q-jj47
1500 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7cmj-963q-jj47>`_
1504 - `PR 64399 fix for main
1505 <https://github.com/zephyrproject-rtos/zephyr/pull/64399>`_
1507 - `PR 64416 fix for 3.5
1508 <https://github.com/zephyrproject-rtos/zephyr/pull/64416>`_
1510 - `PR 64415 fix for 3.4
1511 <https://github.com/zephyrproject-rtos/zephyr/pull/64415>`_
1513 - `PR 64427 fix for 3.3
1514 <https://github.com/zephyrproject-rtos/zephyr/pull/64427>`_
1516 - `PR 64431 fix for 2.7
1517 <https://github.com/zephyrproject-rtos/zephyr/pull/64431>`_
1519 :cve:`2023-6249`
1520 ----------------
1524 - `Zephyr project bug tracker GHSA-32f5-3p9h-2rqc
1525 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-32f5-3p9h-2rqc>`_
1529 - `PR 65546 fix for main
1530 <https://github.com/zephyrproject-rtos/zephyr/pull/65546>`_
1532 :cve:`2023-6749`
1533 ----------------
1537 - `Zephyr project bug tracker GHSA-757h-rw37-66hw
1538 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-757h-rw37-66hw>`_
1542 - `PR 66451 fix for main
1543 <https://github.com/zephyrproject-rtos/zephyr/pull/66451>`_
1545 - `PR 66584 fix for 3.5
1546 <https://github.com/zephyrproject-rtos/zephyr/pull/66584>`_
1548 :cve:`2023-6881`
1549 ----------------
1553 - `Zephyr project bug tracker GHSA-mh67-4h3q-p437
1554 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-mh67-4h3q-p437>`_
1558 - `PR 66592 fix for main
1559 <https://github.com/zephyrproject-rtos/zephyr/pull/66592>`_
1561 :cve:`2023-7060`
1562 ----------------
1564 Missing Security Control in Zephyr OS IP Packet Handling
1566 - `Zephyr project bug tracker GHSA-fjc8-223c-qgqr
1567 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-fjc8-223c-qgqr>`_
1571 - `PR 66645 fix for main
1572 <https://github.com/zephyrproject-rtos/zephyr/pull/66645>`_
1574 - `PR 66739 fix for 3.5
1575 <https://github.com/zephyrproject-rtos/zephyr/pull/66739>`_
1577 - `PR 66738 fix for 3.4
1578 <https://github.com/zephyrproject-rtos/zephyr/pull/66738>`_
1580 - `PR 66887 fix for 2.7
1581 <https://github.com/zephyrproject-rtos/zephyr/pull/66887>`_
1583 CVE-2024
1586 :cve:`2024-1638`
1587 ----------------
1589 Bluetooth characteristic LESC security requirement not enforced without additional flags
1591 - `Zephyr project bug tracker GHSA-p6f3-f63q-5mc2
1592 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p6f3-f63q-5mc2>`_
1596 - `PR 69170 fix for main
1597 <https://github.com/zephyrproject-rtos/zephyr/pull/69170>`_
1599 :cve:`2024-3077`
1600 ----------------
1605 - `Zephyr project bug tracker GHSA-gmfv-4vfh-2mh8
1606 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gmfv-4vfh-2mh8>`_
1610 - `PR 69396 fix for main
1611 <https://github.com/zephyrproject-rtos/zephyr/pull/69396>`_
1613 :cve:`2024-3332`
1614 ----------------
1621 - `Zephyr project bug tracker GHSA-jmr9-xw2v-5vf4
1622 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-jmr9-xw2v-5vf4>`_
1626 - `PR 71030 fix for main
1627 <https://github.com/zephyrproject-rtos/zephyr/pull/71030>`_
1630 :cve:`2024-4785`
1631 ----------------
1635 - `Zephyr project bug tracker GHSA-xcr5-5g98-mchp
1636 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xcr5-5g98-mchp>`_
1640 - `PR 72608 fix for main
1641 <https://github.com/zephyrproject-rtos/zephyr/pull/72608>`_
1643 :cve:`2024-5754`
1644 ----------------
1648 - `Zephyr project bug tracker GHSA-gvv5-66hw-5qrc
1649 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gvv5-66hw-5qrc>`_
1653 - `PR 7395 fix for main
1654 <https://github.com/zephyrproject-rtos/zephyr/pull/7395>`_
1656 - `PR 74124 fix for 3.6
1657 <https://github.com/zephyrproject-rtos/zephyr/pull/74124>`_
1659 - `PR 74123 fix for 3.5
1660 <https://github.com/zephyrproject-rtos/zephyr/pull/74123>`_
1662 - `PR 74122 fix for 2.7
1663 <https://github.com/zephyrproject-rtos/zephyr/pull/74122>`_
1665 :cve:`2024-5931`
1666 ----------------
1670 - `Zephyr project bug tracker GHSA-r8h3-64gp-wv7f
1671 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-r8h3-64gp-wv7f>`_
1675 - `PR 74062 fix for main
1676 <https://github.com/zephyrproject-rtos/zephyr/pull/74062>`_
1678 - `PR 77966 fix for 3.6
1679 <https://github.com/zephyrproject-rtos/zephyr/pull/77966>`_
1682 :cve:`2024-6135`
1683 ----------------
1687 - `Zephyr project bug tracker GHSA-2mp4-4g6f-cqcx
1688 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-2mp4-4g6f-cqcx>`_
1692 - `PR 74283 fix for main
1693 <https://github.com/zephyrproject-rtos/zephyr/pull/74283>`_
1695 - `PR 77964 fix for 3.6
1696 <https://github.com/zephyrproject-rtos/zephyr/pull/77964>`_
1698 :cve:`2024-6137`
1699 ----------------
1703 - `Zephyr project bug tracker GHSA-pm38-7g85-cf4f
1704 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-pm38-7g85-cf4f>`_
1708 - `PR 75575 fix for main
1709 <https://github.com/zephyrproject-rtos/zephyr/pull/75575>`_
1711 :cve:`2024-6258`
1712 ----------------
1716 - `Zephyr project bug tracker GHSA-7833-fcpm-3ggm
1717 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7833-fcpm-3ggm>`_
1721 - `PR 74640 fix for main
1722 <https://github.com/zephyrproject-rtos/zephyr/pull/74640>`_
1724 :cve:`2024-6259`
1725 ----------------
1729 - `Zephyr project bug tracker GHSA-p5j7-v26w-wmcp
1730 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-p5j7-v26w-wmcp>`_
1734 - `PR 74639 fix for main
1735 <https://github.com/zephyrproject-rtos/zephyr/pull/74639>`_
1737 - `PR 77960 fix for 3.6
1738 <https://github.com/zephyrproject-rtos/zephyr/pull/77960>`_
1740 :cve:`2024-6442`
1741 ----------------
1745 - `Zephyr project bug tracker GHSA-m22j-ccg7-4v4h
1746 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-m22j-ccg7-4v4h>`_
1750 - `PR 74976 fix for main
1751 <https://github.com/zephyrproject-rtos/zephyr/pull/74976>`_
1753 - `PR 77958 fix for 3.6
1754 <https://github.com/zephyrproject-rtos/zephyr/pull/77958>`_
1756 :cve:`2024-6443`
1757 ----------------
1759 zephyr: out-of-bound read in utf8_trunc
1761 - `Zephyr project bug tracker GHSA-gg46-3rh2-v765
1762 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gg46-3rh2-v765>`_
1766 - `PR 74949 fix for main
1767 <https://github.com/zephyrproject-rtos/zephyr/pull/74949>`_
1769 - `PR 78286 fix for 3.6
1770 <https://github.com/zephyrproject-rtos/zephyr/pull/78286>`_
1772 :cve:`2024-6444`
1773 ----------------
1777 - `Zephyr project bug tracker GHSA-qj4r-chj6-h7qp
1778 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-qj4r-chj6-h7qp>`_
1782 - `PR 74944 fix for main
1783 <https://github.com/zephyrproject-rtos/zephyr/pull/74944>`_
1785 - `PR 77954 fix for 3.6
1786 <https://github.com/zephyrproject-rtos/zephyr/pull/77954>`_
1788 :cve:`2024-8798`
1789 ----------------
1793 - `Zephyr project bug tracker GHSA-r7pm-f93f-f7fp
1794 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-r7pm-f93f-f7fp>`_
1798 - `PR 77969 fix for main
1799 <https://github.com/zephyrproject-rtos/zephyr/pull/77969>`_
1801 - `PR 78409 fix for 3.7
1802 <https://github.com/zephyrproject-rtos/zephyr/pull/78409>`_
1804 :cve:`2024-10395`
1805 -----------------
1807 Under embargo until 2025-01-23
1809 :cve:`2024-11263`
1810 -----------------
1812 arch: riscv: userspace: potential security risk when CONFIG_RISCV_GP=y
1817 - `Zephyr project bug tracker GHSA-jjf3-7x72-pqm9
1818 <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-jjf3-7x72-pqm9>`_
1822 - `PR 81155 fix for main
1823 <https://github.com/zephyrproject-rtos/zephyr/pull/81155>`_
1825 - `PR 81370 fix for 3.7
1826 <https://github.com/zephyrproject-rtos/zephyr/pull/81370>`_