patrick/zephyr
1
0
Fork 0
Code Issues Pull requests Actions 7 Packages Projects Releases Wiki Activity

doc: vuln: Disclose information about CVE-2023-5139

Browse source 
Information about CVE-2023-5139

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This commit is contained in:
Flavio Ceolin 2023-10-25 21:41:33 -07:00 committed by Carles Cufí
parent a1024f6aeb
commit 253e266fc5
1 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
doc/security/vulnerabilities.rst
View file

@ -1511,7 +1511,15 @@ Under embargo until 2023/11/01
CVE-2023-5139 CVE-2023-5139
------------- -------------
Under embargo until 2023/10/25 Potential buffer overflow vulnerability in the Zephyr STM32 Crypto driver.
- `Zephyr project bug tracker GHSA-rhrc-pcxp-4453
<https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rhrc-pcxp-4453>`_
This has been fixed in main for v3.5.0
- `PR 61839 fix for main
<https://github.com/zephyrproject-rtos/zephyr/pull/61839>`_
CVE-2023-5184 CVE-2023-5184
------------- -------------