Auto-merge PR#4948

CVE Team 2020-10-02 10:05:24 -04:00 committed by GitHub
commit 1a01b2acbe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -47,7 +47,7 @@
"description_data": [
{
"lang": "eng",
"value": "In updatehub_probe, right after JSON parsing is complete, objects\\[1] is accessed from the output structure in two different places. If the JSON contained less than two elements, this access would reference unitialized stack memory. This could result in a crash, denial of service, or possibly an information leak. Recommend disabling updatehub until such a time as a fix can be made available. Provided the fix in CVE-2020-10059 is applied, the attack requires compromise of the server. See NCC-ZEP-030 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions. version 2.2.0 and later versions."
"value": "In updatehub_probe, right after JSON parsing is complete, objects\\[1] is accessed from the output structure in two different places. If the JSON contained less than two elements, this access would reference unitialized stack memory. This could result in a crash, denial of service, or possibly an information leak. Provided the fix in CVE-2020-10059 is applied, the attack requires compromise of the server. See NCC-ZEP-030 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions. version 2.2.0 and later versions."
}
]
},
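Review bot: The replacement "value" string still ends with "version 2.1.0 and later versions. version 2.2.0 and later versions." while this edit drops the sentence "Recommend disabling updatehub until such a time as a fix can be made available", so the record now implies a fix exists yet still declares every later release affected. Bound the affected ranges with the fixed versions, or name the fixed releases in the description, so consumers who match on version can tell when they are no longer exposed. While the string is being edited, correct "unitialized" to "uninitialized", add the missing period after "See NCC-ZEP-030", and check whether the doubled backslash in "objects\\[1]" is intended, since it decodes to a literal backslash before the bracket.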
@ -93,6 +93,26 @@
"refsource": "MISC",
"url": "https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10060",
"name": "https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10060"
},
{
"name": "https://github.com/zephyrproject-rtos/zephyr/pull/27865",
"refsource": "CONFIRM",
"url": "https://github.com/zephyrproject-rtos/zephyr/pull/27865"
},
{
"name": "https://github.com/zephyrproject-rtos/zephyr/pull/27889",
"refsource": "CONFIRM",
"url": "https://github.com/zephyrproject-rtos/zephyr/pull/27889"
},
{
"name": "https://github.com/zephyrproject-rtos/zephyr/pull/27891",
"refsource": "CONFIRM",
"url": "https://github.com/zephyrproject-rtos/zephyr/pull/27891"
},
{
"name": "https://github.com/zephyrproject-rtos/zephyr/pull/27893",
"refsource": "CONFIRM",
"url": "https://github.com/zephyrproject-rtos/zephyr/pull/27893"
}
]
},
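Review bot: The four added CONFIRM entries are bare pull-request URLs whose "name" repeats the "url", so nothing in the record says which of pull/27865, pull/27889, pull/27891 and pull/27893 applies to which release line or whether they are backports of a single fix. Since the description lists both 2.1.0 and 2.2.0 as affected, tie each reference to its target branch or version, either in "name" or in the description text. As a style point, the added objects order their keys name, refsource, url while the existing MISC entry just above uses refsource, url, name; keeping one order within the array makes later diffs easier to read.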