Libcsp
by Libcsp
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-8598 | Cri | 0.64 | 9.8 | 0.02 | Oct 28, 2016 | Buffer overflow in the zmq interface in csp_if_zmqhub.c in the libcsp library v1.4 and earlier allows hostile computers connected via a zmq interface to execute arbitrary code via a long packet. | ||
| CVE-2016-8597 | Cri | 0.64 | 9.8 | 0.02 | Oct 28, 2016 | Buffer overflow in the csp_sfp_recv_fp in csp_sfp.c in the libcsp library v1.4 and earlier allows hostile components with network access to the SFP underlying network layers to execute arbitrary code via specially crafted SFP packets. | ||
| CVE-2016-8596 | Cri | 0.64 | 9.8 | 0.02 | Oct 28, 2016 | Buffer overflow in the csp_can_process_frame in csp_if_can.c in the libcsp library v1.4 and earlier allows hostile components connected to the canbus to execute arbitrary code via a long csp packet. | ||
| CVE-2025-51824 | 0.00 | — | 0.00 | Aug 11, 2025 | libcsp 2.0 is vulnerable to Buffer Overflow in the csp_usart_open() function at drivers/usart/zephyr.c. | |||
| CVE-2025-51823 | 0.00 | — | 0.00 | Aug 11, 2025 | libcsp 2.0 is vulnerable to Buffer Overflow in the csp_eth_init() function due to improper handling of the ifname parameter. The function uses strcpy to copy the interface name into a structure member (ctx->name) without validating the input length. |
- risk 0.64cvss 9.8epss 0.02
Buffer overflow in the zmq interface in csp_if_zmqhub.c in the libcsp library v1.4 and earlier allows hostile computers connected via a zmq interface to execute arbitrary code via a long packet.
- risk 0.64cvss 9.8epss 0.02
Buffer overflow in the csp_sfp_recv_fp in csp_sfp.c in the libcsp library v1.4 and earlier allows hostile components with network access to the SFP underlying network layers to execute arbitrary code via specially crafted SFP packets.
- risk 0.64cvss 9.8epss 0.02
Buffer overflow in the csp_can_process_frame in csp_if_can.c in the libcsp library v1.4 and earlier allows hostile components connected to the canbus to execute arbitrary code via a long csp packet.
- CVE-2025-51824Aug 11, 2025risk 0.00cvss —epss 0.00
libcsp 2.0 is vulnerable to Buffer Overflow in the csp_usart_open() function at drivers/usart/zephyr.c.
- CVE-2025-51823Aug 11, 2025risk 0.00cvss —epss 0.00
libcsp 2.0 is vulnerable to Buffer Overflow in the csp_eth_init() function due to improper handling of the ifname parameter. The function uses strcpy to copy the interface name into a structure member (ctx->name) without validating the input length.