Use After Free vulnerability in the Zephyr shell allows a serial or telnet connected user to cause denial of service, and possibly remote code execution. This issue affects: Zephyr shell versions prior to 1.14.0 on all.
References
Link | Resource |
---|---|
https://docs.zephyrproject.org/1.14.0/releases/release-notes-1.14.html | Release Notes Vendor Advisory |
https://github.com/zephyrproject-rtos/zephyr/pull/13260 | Patch Third Party Advisory |
https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-17 | Broken Link |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: zephyr
Published: 2019-04-19T00:00:00
Updated: 2019-08-29T00:44:16
Reserved: 2017-09-07T00:00:00
Link: CVE-2017-14201
JSON object: View
NVD Information
Status : Modified
Published: 2019-08-29T01:15:10.647
Modified: 2020-05-13T18:22:30.250
Link: CVE-2017-14201
JSON object: View
Redhat Information
No data.
CWE