Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Lifecycle Timeline
3DescriptionCVE.org
Issues in stm32 USB device driver (drivers/usb/device/usb_dc_stm32.c) can lead to an infinite while loop.
AnalysisAI
The STM32 USB device driver in Zephyr contains a logic error that can trigger an infinite loop, allowing a local attacker with user-level privileges to cause a denial of service by halting system responsiveness. No patch is currently available for this medium-severity defect that affects the USB subsystem's operational stability.
Technical ContextAI
The vulnerability resides in the Zephyr Project RTOS USB device controller driver for STM32 microcontrollers (drivers/usb/device/usb_dc_stm32.c). The root cause is classified as CWE-835 (Infinite Loop), a control flow weakness where improper loop termination conditions allow execution to enter an unbounded loop. This driver handles USB device enumeration and communication on embedded ARM Cortex-M based STM32 platforms. The infinite loop likely occurs during USB endpoint handling, interrupt processing, or transfer completion routines where a condition check fails to properly exit loop logic, causing the CPU to spin indefinitely and render the embedded device unresponsive. CPE cpe:2.3:a:zephyrproject-rtos:zephyr indicates this affects the Zephyr Project RTOS (all versions through 4.3).
Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system. Rated critical severity (CVSS 10.0),
Possible variant of CVE-2021-3434 in function le_ecred_reconf_req. Rated critical severity (CVSS 9.8), this vulnerabilit
Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows. Rated critical severity (CVS
Potential buffer overflow vulnerability in the Zephyr CAN bus subsystem. Rated critical severity (CVSS 9.8), this vulner
Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr. Rated critical severity (CVSS 9.8), this vulnerability
Buffer overflow in Zephyr USB DFU DNLOAD. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable
DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addresses. Rated critical severity (CVSS 9.8), this vul
zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in sys_ring_buf_put(), sys_ring_buf_get(
Potential buffer overflow vulnerabilities n the Zephyr Bluetooth subsystem. Rated critical severity (CVSS 9.6), this vul
Buffer overflow in Zephyr RTOS dns_unpack_name() function causing OOB writes. PoC available.
The documentation specifies that the BT_GATT_PERM_READ_LESC and BT_GATT_PERM_WRITE_LESC defines for a Bluetooth characte
Potential buffer overflows in the Bluetooth subsystem due to asserts being disabled in /subsys/bluetooth/host/hci_core.c
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-12190