Wiz
Vulnerability DatabaseCVE-2020-10064

CVE-2020-10064
NixOS vulnerability analysis and mitigation

Overview

CVE-2020-10064 is a vulnerability affecting Zephyr versions >= v1.14.2 and >= v2.2.0, discovered in the ieee802154 processing component. The vulnerability was disclosed in early 2020 and involves improper input frame validation that can lead to stack-based and heap-based buffer overflows (Zephyr Advisory).

Technical details

The vulnerability stems from an underflow condition in packet buffer size handling for small ieee802154 packets. The issue occurs in the ieee802154recv function where manual computation of size is performed after minimal size validation in ieee802154validateframe. The size check for minimal packet size (IEEE802154MINLENGTH == 3) fails to account for additional sizes introduced by PAN id and extended source/destination addresses. This can result in out-of-bounds access in the uncompressIPHC_header function (Zephyr Advisory).

Impact

When exploited, this vulnerability can lead to Denial of Service (DoS) at minimum. For systems with larger RAM (>64kB), the vulnerability could potentially be exploited for Remote Code Execution (RCE) depending on timing conditions during memory operations (Zephyr Advisory).

Mitigation and workarounds

The vulnerability has been patched in Zephyr version v2.3.0. Fixes were implemented through pull request #24971 for the master branch and #33451 for the v1.14-branch (Zephyr Advisory).

Additional resources

SourceThis report was generated using AI

Related NixOS vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-12819HIGH8.1
  • NixOSNixOS
  • pgbouncer
NoYesDec 03, 2025
CVE-2025-20777MEDIUM6.7
  • NixOSNixOS
  • android
NoNoDec 02, 2025
CVE-2025-65105MEDIUM5.3
  • NixOSNixOS
  • apptainer
NoYesDec 02, 2025
CVE-2025-20789MEDIUM4.4
  • NixOSNixOS
  • android
NoNoDec 02, 2025
CVE-2025-20788MEDIUM4.4
  • NixOSNixOS
  • android
NoNoDec 02, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo