CVE-2017-14201

CVE-2017-14201: The shell DNS command can cause unpredictable results due to misuse of stack variables.

Vendor Zephyr
Product shell
Weakness CWE-416
Published August 29, 2019
Last update September 17, 2024

CVSS base score

What the vulnerability does

01Description

Use After Free vulnerability in the Zephyr shell allows a serial or telnet connected user to cause denial of service, and possibly remote code execution. This issue affects: Zephyr shell versions prior to 1.14.0 on all.

Key dates

02Disclosure timeline

August 29, 2019 CVE published
September 17, 2024 Record updated