CVE-2020-10022

Published May 11th, 2020

View on NVD ↗

CVSS v3

CRITICAL

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

A malformed JSON payload that is received from an UpdateHub server may trigger memory corruption in the Zephyr OS. This could result in a denial of service in the best case, or code execution in the worst case. See NCC-NCC-016 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions. version 2.2.0 and later versions.

zephyrproject-rtos/zephyr

Primary Git Repository for the Zephyr Project. Zephyr is a new generation, scalable, optimized, secure RTOS for multiple hardware architectures.

GitHub

15.5K