github zephyrproject-rtos/zephyr v3.7.2
Zephyr LTS 3.7.2
on GitHub

5 hours ago

This is an LTS maintenance release with fixes.

Security Vulnerability Related

The following CVEs are addressed by this release:

More detailed information can be found in:
https://docs.zephyrproject.org/latest/security/vulnerabilities.html

Issues fixed

These GitHub issues were addressed since the previous 3.7.1 tagged release:

  • #67637 Telnet shell asserts if connection is closed
  • #72840 sensor_shell: strange and unexpected output when getting single axis from 3-axis data
  • #75119 Doc: Graphviz fontcolor switched between light and dark themes
  • #75121 Doc: Graphviz figures do not use the same font as the documentation
  • #77088 net: buf: Pre-initialize user_data on net_buf_alloc()
  • #79042 net: dns: Out of bounds array access in DNS dispatcher
  • #79066 STM32 Ethernet stops receiving under heavy load
  • #79805 Compile error when using networking and SystemView Tracing
  • #80574 Meta-IRQ does not preempt cooperative threads when woken from IRQ (cortex_m)
  • #81343 shell cmd: "devmem load" only works for addresses below 0x80000000
  • #81380 test: twister: hwmap: missing serial_pty definition
  • #81454 drivers: rtc: sam: Missing function rtc_sam_validate_tm
  • #81513 I2C eeprom target does not fully support 16 bit addresses
  • #81570 ESP32 fails on assert when WiFi enabled (3.7.x LTS)
  • #81777 Flash API: flash_erase has incorrect userspace handler
  • #81781 posix:fpu: Enabling CONFIG_FPU and CONFIG_FPU_SHARING causes compiler error
  • #82139 Fix DNS parsing errors
  • #82370 modem: the UART exchange between the MCU and the modem is disrupted after rebooting the MCU or modem.
  • #82427 net: lwm2m: Missing mutex unlock in LwM2M Registry
  • #82437 drivers: flash: flash_mcux_flexspi: since adding support for W25Q512JV, FlexSPI with the W25Q128JV no longer works
  • #82652 sockets_service: dns: Sockets service calling closed dispatch socket callback causes fatal
  • #82710 [backport] pm: device_runtime: Fix bitfields misuse
  • #82933 VFS/ext2: Buffer overflow in ext2_inode_read
  • #83041 samples: mgmt: mcumgr: smp_svr: Bluetooth advertising restarted on connection
  • #83331 spi_mcux_ecspi does not handle gpio chipselect correctly
  • #83332 spi_mcux_ecspi does not handle transfers with 32 bits.
  • #83354 log/mpsc_pbuf: logging in spinlock held context can cause recurring exception
  • #83399 auxdisplay: jhd1313: Out-of-bounds read
  • #83447 native_posix entropy driver produces very bad entropy for 64 bit targets
  • #83599 NXP drivers: flash: soc_flash_mcux: CMD_MARGIN_CHECK fails infrequently
  • #83625 vfs/ext2: Incorrectly calculated nbytes_to_read in ext2_inode_read potentially causing data corruption
  • #83794 lis2de12 sensor driver giving 0 values
  • #84148 3.7: Bluetooth: TBS: TBS client may return NULL instead of the empty string in callbacks
  • #84274 Shell API unsafe to use outside of command handlers
  • #84306 drivers: can: tcan4x5x: Build fails/emits warnings when optional reset-gpios property is not supplied in device tree
  • #84384 RTIO Workqueue - Race condition leads to dead-lock in high-demand applications
  • #84438 Memory leak with socket() + close() when socket offloading is enabled
  • #84538 http_server leak RX buffers when zsock_poll fails in http_server_run
  • #84614 [v3.7-branch] Update MCUboot to include fixes
  • #84737 eth_stm32_hal: Failed to obtain RX buffer - error makes device unreachable
  • #84842 STM32WBA: zephyr/drivers/flash/flash_stm32wba_fm.c: flash_stm32_erase: unexpected erase size
  • #84902 mgmt: mcumgr: grp: img_mgmt: DFU confirmed callback does not check status
  • #84952 logging: log_cmds: backend ID is wrong for backend(s) that do not autostart
  • #85211 dts: atmel sam4s: incorrect sram addresses
  • #85301 Bluetooth: host: missing NULL check in bt_le_create_conn_cancel
  • #85380 DHCP address disappears when TCP socket is closed.
  • #85521 Issue with User-Defined Payload Transmission Over SMP: Payload Length Calculation and Memory Address Handling
  • #85674 net: ipv6: Neigbor reachablity detection is not compliant with RFC 4861
  • #85759 RTIO Workqueue does not work during Device Initialization (POST_KERNEL)
  • #85816 tests: tests/net/conn_mgr_monitor/net.conn_mgr.dad failed with W5500
  • #86116 soc: NXP: RW61x: SystemCoreClock frequency incorrect
  • #86499 net: Critical Mutex Deadlock
  • #86954 sample.smf.hsm_psicc2 is flaky on SMP platforms
  • #87323 Network buffer leak if sending IPv4 TTL 0 or IPv6 hop limit 0 packets
  • #87947 Check possible recursion when parsing DNS response
  • #88047 __nocache section conflicts with __ramfunc on stm32h750
  • #88229 mbedtls: update to 3.6.3 in 3.7 branch
  • #88233 net: coap_client library asserts on boot
  • #88328 Using I/O pads sourced from VHIF without enabling the eSPI or SHI drivers may lead to issues
  • #88506 stm32: STM32 I2C LL Driver: Stuck in an infinite loop when SDA/SCL is short-circuited
  • #88558 disco_l475_iot1/arduino_r3_connector.dtsi arduino_i2c should be i2c1
  • #88694 mgmt: ec_host_cmd: npcx: add workaround for backend SHI
  • #88946 driver: timer: npcx: fix timer accuracy issue
  • #89331 Many threads locking two mutexes can cause a crash
  • #89349 Flash Map: Bounds checking not immune to integer overflow
  • #89413 Zephyr SPDX does not pass validation
  • #89641 net: dhcp: current DHCP client implementation does not follow RFC2131 and RFC2132
  • #89984 drivers: watchdog: npcx: fix T0 timer reload procedure
  • #89990 STM32: USB: USB CDC IN Endpoint stuck forever after receiving Clear feature - endpoint halt request
  • #90103 http_server: Wildcard resource matching reports incorrect path length
  • #90655 LE-Audio: BAP scan delegator does not send further notifications after add source or modify source are rejected by application layer
  • #90688 coap_resource_parse_observe returns 0 (register) instead of 1 (deregister) upon a deregister of an unknown observer
  • #90777 arch.shared_interrupt.lto.speed compile fail on apollo5 platform
  • #90784 drivers: flash: npcx: add k_usleep when polling busy status
  • #90989 gpio: gpio_adp5585_gpio incorrect gpio gaps handling
  • #91360 [v3.7-branch] Update MCUboot with fixes from 2.2.0 release
  • #91799 Docs version switcher always displays "v: latest"
  • #92243 tls_credentials.h is not found when building ES-Wifi with CONFIG_TLS_CREDENTIALS (v3.7 branch)
  • #92413 Issue with thread suspension in zephyr 3.7.1
  • #92557 ARC: nsim/nsim_vpx5 applications fail to execute on nsimdrv
  • #92764 [ARC][Userspace][v3.7.1] Regression: User threads fail to run with user space enabled (MW toolchain)
  • #93790 drivers: console: posix_arch_console: build warning with CONFIG_PRINTK=n
  • #94000 EXT2 fs_stat on mount point fails with a NULL pointer dereference.
  • #94925 mbedtls: update to 3.6.4 in 3.7 branch
  • #95297 Links to the pyOCD repository are outdated
  • #95787 Backport fixes to MCUboot for zephyr v3.7
  • #95850 Applications do not watch MCUboot key file for changes
  • #96172 Backport #95101 (arch: arm: switch to privilege stack in SVC handler)
  • #97304 Backport #96850 (arch: arm: start threads on privileged stack)
  • #84934 USB devices broken on STM32F723XX MCUs after clock enable changes in Zephyr v3.7.0
  • #86444 BLE can't be used after erasing board and flash BT SHELL app
  • #88506 stm32: STM32 I2C LL Driver: Stuck in an infinite loop when SDA/SCL is short-circuited
  • #92397 Missing fallback to a base board.dts when using a board variant without specific dts file
  • #95113 gpio_pin_get_config for STM32 returns wrong flags value for input pins
  • #95768 Possible TCP connection leak when creating a socket
  • #97473 Branch 3.7: arch.arm.user.stack fails on frdm_k64f and npcx9m6f_evb (Timeout)
  • #98231 Build System: defconfig: Base defconfig not used on fully qualified oot board
  • #98768 STM32F303 bxCAN: Last 2 bytes corrupted on TX pin, but registers are correct
  • #98936 net: ICMPv4 packets can be reported to ICMPv6 handlers (and vice versa)
  • #99678 Build warnings on subsys/net/lib/websocket/websocket.c
  • #99682 net: lib: dns: Unpacking query name can overflow the destination buffer
  • #99797 MCUmgr: OS: DateTime: Millisecond parsing erroneous
  • #99895 [v3.7-branch] npcx9m6f_evb and frdm_k64f: kernel.common.stack_protection_arm_fpu_sharing fails
  • #100212 No event code filterint for LVGL pointer process
  • #100227 mbedtls: update to 3.6.5 in 3.7 branch
  • #102635 gpio: mcux: Potential infinite interrupt hang when configuring
  • #104208 IPv4/6 fragmentation memory leak
  • #104233 [backport] Bluetooth: Host: Add l2cap credit param checks
  • #104248 DNS query packet length check
  • #104253 driver: clock_control: RCC_BDCR_LSEDRV_Pos undefined using STM32L0
  • #104652 net: socketcan: length not always verified
  • #104748 [mcumgr] error codes of group "stat" incorrect
  • #104948 net: lib: socket: tls: Potential out-of-bounds write in socket_op_vtable::connect
  • #61464 USB device stack (new and old) assertion on STM32
  • #105106 arc: mpu: MPUv6 buffer validation race condition causes spurious access denials
  • #105374 drivers: gpio: sam: callback called when interrupt disabled
  • #105754 net: sockets: msg->msg_iovlen is not validated in zsock_recvmsg() sys call
  • #105977 v3.7 twister broken on current python set of packages

Mbed TLS

Mbed TLS was updated to version 3.6.5 (from 3.6.2). The release notes can be found at:
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.5
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.4
https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.6.3

Mbed TLS 3.6 is an LTS release that will be supported
with security and bug fixes until at least March 2027.

Trusted Firmware-M (TF-M)

TF-M was updated to version 2.1.2 (from 2.1.1). The release notes can be found at:
https://trustedfirmware-m.readthedocs.io/en/tf-mv2.1.2/releases/2.1.2.html

TF-M 2.1 is an LTS release that will be supported
with security and bug fixes until at least May 2027.

Check out latest releases or
releases around zephyrproject-rtos/zephyr v3.7.2

Don't miss a new zephyr release

NewReleases is sending notifications on new releases.

Get notifications