CVE-2021-3454: 
NixOS vulnerability analysis and mitigation

CVE-2021-3454 affects Zephyr versions >= 2.4.0 and >= v.2.50, involving a vulnerability where truncated L2CAP K-frame causes assertion failure. The vulnerability was discovered and disclosed in June 2021, with a patch released in version 2.6.0. The issue has been assigned a CVSS v3.1 base score of 7.5 (HIGH) by NVD, while Zephyr Project assessed it at 4.3 (MEDIUM) (Zephyr Advisory).

The vulnerability stems from improper handling of length parameter inconsistency (CWE-130) and reachable assertion (CWE-617). Specifically, in the l2capchanlerecv() function, when retrieving the SDU length from the buffer, the buffer length is not properly checked. This leads to an assertion when calling netbufpullle16(buf). If assertions are disabled, the SDU length is calculated incorrectly, resulting in packet dropping due to invalid SDU length (Zephyr Advisory).

The vulnerability affects the availability of the system, with no impact on confidentiality or integrity. When exploited, it can cause an assertion failure in the system, potentially leading to system disruption. If assertions are disabled, it results in incorrect SDU length calculation and subsequent packet dropping (Zephyr Advisory).

The vulnerability has been fixed in Zephyr version 2.6.0. Patches have been provided for different versions: master branch (PR #32588), v2.5.0 (PR #33513), and v2.4.0 (PR #33514). Users are advised to upgrade to the patched versions (Zephyr Advisory).