Out-of-Bounds Write Vulnerability in Microchip UART Driver
CVE-2026-10644

4.2 MEDIUM

Key Information:

CVE Published: 28 June 2026

What is CVE-2026-10644?

The Microchip SERCOM-G1 UART driver in Zephyr contains an out-of-bounds write in its asynchronous receive path. When an application calls uart_rx_enable() with a one-byte receive buffer and CONFIG_UART_MCHP_ASYNC is enabled, the RX-complete ISR can start a new DMA transfer into that buffer while the byte already received has not yet been handed back to the application. Because the one-byte buffer is already full, the transfer stores past its end and corrupts whatever memory follows it. An attacker who can place bytes on the serial line (adjacent access rather than remote) can therefore trigger the corruption; the consequences are loss of data integrity, crashes, or denial of service. The fix is in the driver itself: users should move to a release that contains it, and note that the trigger described here requires the asynchronous API with a one-byte receive buffer.
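To make the race concrete, the following is an added, constructed C model of an asynchronous receive path; it is not the Zephyr SERCOM-G1 driver's code, and the names rx_enable, dma_transfer, isr_rx_vulnerable, isr_rx_hardened and simulate, the "DMA engine" and the byte stream are all assumptions made for this page. The one-byte receive buffer is placed at the front of a larger array filled with guard bytes, so the write past its end lands in the guard (inside the same allocation, so the demo itself stays defined) and can be counted. The vulnerable ISR keeps feeding DMA while a byte is pending and the buffer is full; the hardened ISR checks for room before starting a transfer and disarms DMA once the buffer is full.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed model (assumption, not the Zephyr driver): an RX-complete ISR
 * hands each received byte to a DMA transfer that stores it into the buffer
 * the application supplied via rx_enable(). */

#define USER_LEN   1      /* the one-byte receive buffer from the advisory */
#define GUARD_LEN  8      /* guard bytes placed directly after it */
#define GUARD_BYTE 0xA5

struct uart_rx {
    uint8_t  backing[USER_LEN + GUARD_LEN]; /* user buffer followed by guard */
    uint8_t *buf;          /* buffer handed over by rx_enable() */
    size_t   len;          /* its length */
    size_t   offset;       /* bytes the DMA has stored so far */
    bool     dma_armed;    /* DMA may store into buf */
    bool     byte_pending; /* a received byte has not been consumed by the app */
    size_t   dropped;      /* bytes the hardened ISR refused to store */
};

/* Models uart_rx_enable(): the application provides buf/len and arms DMA. */
static void rx_enable(struct uart_rx *rx, uint8_t *buf, size_t len) {
    rx->buf = buf;
    rx->len = len;
    rx->offset = 0;
    rx->dma_armed = true;
    rx->byte_pending = false;
    rx->dropped = 0;
}

/* The DMA engine stores one byte at the current offset. Like real DMA it does
 * not know the buffer length; keeping the transfer in bounds is the ISR's job. */
static void dma_transfer(struct uart_rx *rx, uint8_t byte) {
    rx->buf[rx->offset++] = byte;
}

/* Vulnerable ISR: the previous byte is still pending and the one-byte buffer
 * is full, yet a new DMA transfer into the same buffer is started. With
 * offset == len the store lands one past the end: the out-of-bounds write. */
static void isr_rx_vulnerable(struct uart_rx *rx, uint8_t byte) {
    dma_transfer(rx, byte);
    rx->byte_pending = true;
}

/* Hardened ISR: start a transfer only while there is room; once the buffer is
 * full, disarm DMA and refuse bytes until the application re-enables RX. */
static void isr_rx_hardened(struct uart_rx *rx, uint8_t byte) {
    if (!rx->dma_armed || rx->offset >= rx->len) {
        rx->dropped++;           /* no space: count it, never write past the end */
        return;
    }
    dma_transfer(rx, byte);
    rx->byte_pending = true;
    if (rx->offset >= rx->len) rx->dma_armed = false; /* full: stop DMA */
}

/* Push a byte stream through the chosen ISR with a one-byte buffer and no
 * application consumption in between (the window the advisory describes).
 * Returns how many guard bytes were overwritten; copies the final state to
 * *out when out is non-NULL. */
static size_t simulate(bool hardened, const uint8_t *stream, size_t n,
                       struct uart_rx *out) {
    struct uart_rx rx;
    if (n > sizeof rx.backing) n = sizeof rx.backing; /* keep demo in bounds */
    memset(rx.backing, GUARD_BYTE, sizeof rx.backing);
    rx_enable(&rx, rx.backing, USER_LEN);
    for (size_t i = 0; i < n; i++) {
        if (hardened) isr_rx_hardened(&rx, stream[i]);
        else          isr_rx_vulnerable(&rx, stream[i]);
    }
    size_t corrupted = 0;
    for (size_t i = 0; i < GUARD_LEN; i++)
        if (rx.backing[USER_LEN + i] != GUARD_BYTE) corrupted++;
    if (out) { *out = rx; out->buf = out->backing; }
    return corrupted;
}

/* Constructed input: three bytes arriving back-to-back while the application
 * still holds the first one. */
static const uint8_t demo_stream[] = { 0x41, 0x42, 0x43 };

static size_t demo_guard_corrupted(bool hardened) {
    return simulate(hardened, demo_stream, sizeof demo_stream, NULL);
}

static size_t demo_dropped(bool hardened) {
    struct uart_rx rx;
    simulate(hardened, demo_stream, sizeof demo_stream, &rx);
    return rx.dropped;
}
```

With the constructed three-byte stream, the vulnerable ISR overwrites two guard bytes and drops nothing; the hardened ISR stores the first byte, overwrites no guard bytes and counts the two bytes it refused. In a real driver the refused bytes would surface as an overrun/error event to the application rather than a silent counter, but the bound check before arming the transfer is the point.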

Affected Version(s)

zephyr >= 4.4.0 and < 4.5.0

CVSS V3.1

Score: 4.2
Severity: MEDIUM
Confidentiality: None
Integrity: Low
Availability: None
Attack Vector: Adjacent Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged

Note: under the CVSS 3.1 formula the metrics listed here (AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N) give a base score of 3.1, not 4.2. A 4.2 score corresponds to Availability: Low, which would also match the crash and denial-of-service impact described above. Check the vector string in the upstream advisory before relying on this table.

Timeline

  • Vulnerability reserved

  • Vulnerability published: 28 June 2026