QSearchQSearch

CVE-2021-3625

9.6 CRITICAL

Buffer overflow in Zephyr USB DFU DNLOAD

Published: 2021-10-05 · Last updated: 2026-06-17

Severity and scoring

CVSS
9.6 CRITICAL
Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
CWE
CWE-122, CWE-787

Affected products

VendorProduct
zephyrprojectzephyr

Description

Buffer overflow in Zephyr USB DFU DNLOAD. Zephyr versions >= v2.5.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c3gr-hgvr-f363

Source: NVD

References

Related CVEs

Same vendor

  • CVE-2026-10635 On Xtensa targets with CONFIG_USERSPACE and CONFIG_XTENSA_MMU, the page-table code (arch/xtensa/core/ptables.c) maintains a global list, ... (6.3 MEDIUM)
  • CVE-2021-3455 Disconnecting L2CAP channel right after invalid ATT request leads freeze (4.3 MEDIUM)
  • CVE-2021-3454 Truncated L2CAP K-frame causes assertion failure (4.3 MEDIUM)
  • CVE-2021-3330 RCE/DOS: Linked-list corruption leading to large out-of-bounds write while sorting for forged fragment list in Zephyr (7.1 HIGH)
  • CVE-2021-3323 Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr (8.3 HIGH)

Same CWE

  • CVE-2026-47750 stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inf... (7.8 HIGH)
  • CVE-2026-47747 stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inf... (7.8 HIGH)
  • CVE-2026-47964 DNG SDK versions 1.7.1 2536 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code ex... (7.8 HIGH)
  • CVE-2026-47749 stable-diffusion.cpp is a pure C/C++ library for running diffusion model (Stable Diffusion, Flux, Wan, Qwen Image, Z-Image, and more) inf... (7.8 HIGH)
  • CVE-2026-12314 Memory safety bug fixed in Thunderbird 152 (7.5 HIGH)