Zephyr News: RC3 is Here, Bluetooth CVE-2025-12890

Introduction

Today’s focus in the Zephyr ecosystem is on the mainline: first, version 4.3 has entered the RC3 “hard freeze” window, pointing to a formal release on November 14, suitable for regression and migration assessments before upgrading; second, the Bluetooth peripheral stack vulnerability CVE-2025-12890 is continuously updated in authoritative security databases, and it is recommended that Bluetooth peripherals conduct self-checks and assessments as a priority.

📌 Quick Overview

Category Summary
Version The 4.3 milestone shows that RC3 hard freeze was on November 7, with a target release on November 14, currently in a stabilization phase.
Documentation The main document indicates the main development tree as 4.3.0-rc3, and the 4.3 working draft and migration project pages are now available for reference on upgrade impacts.
Security CVE-2025-12890 is activated on platforms like NVD, described as a structural connection request that could lead to external design crashes and risks of being unable to reconnect.
Release The release and release process documentation has initiated the current version index and release path, and the team is working on the schedule and implementation rhythm.
Community Recent meetings and event pages highlight community hotspots, and the 4.3 battle is suitable for tracking the status of toolchains and new frameworks.

💡 Zephyr Today News

Code Updates

  • The main branch A4.3 is in the defect convergence and stability fixing phase before release, with feature changes and new support slowing down to ensure release quality and recovery efficiency.

  • The main document version is marked as “4.3.0-rc3”, indicating that the current branch is suitable for candidate version validation and adaptation workflow.

Official Announcements

  • No new entries have been added to the official blog and news section in the past 24 hours, with the release rhythm primarily driven by milestones and documentation implementation, focusing on version and security pages for more timely value.

  • The release and release process page serves as an authoritative index for release nodes, and combined with the 4.3 working draft, it can synchronize migration points and deprecated paths to reduce online risks.

Community Hot Topics

  • The migration and regression within the 4.3 time window have become the focus of discussion, with typical concerns including the defaulting of the USB device “Next” stack, Bluetooth parameter validation, and network stack stability examples.

  • The event page and Meetup extended topics cover AI toolchains, ecosystem collaboration, and practical demonstrations, which are beneficial for accumulating materials for functional planning and scenario validation after 4.3.

Security and Patches

  • CVE-2025-12890 is continuously updated on platforms like NVD, with the issue being that structural connection requests (invalid intervals and specific channel mappings) lead to peripheral crashes and denial of service scenarios where reconnection is impossible; it is recommended that Bluetooth peripheral products conduct immediate self-checks and limit exposure.

  • The Zephyr security page and third-party security aggregators (such as vuldb/dbugs) correspond to records, managing responses according to the impact scope, timeline, and subsequent repair guidelines.

Market Trends

  • The ecosystem news page shows significant updates on industry activities and partner additions, with the highest 4.3 release window, suitable for synchronizing assessments of upstream and downstream toolchains, SDKs, and board support compatibility.

🌟 Today’s Insights (Upgrade Checklist Before Release Window)

  • Key migration points: The 4.3 work shows that the USB device “Next” stack has become the default, and the old stack has entered the deprecated path; it is necessary to verify controller APIs, drivers, and interrupt handling paths, and complete regression and document compatibility verification as soon as possible.

  • Timing and rhythm: The milestone table indicates that RC3 hard freeze was on November 7, with a target release on November 14; it is recommended to complete candidate version acceptance and rollback plan drills within this week to align with the official release rhythm.

  • Upgrade entry: The release and migration route draft can serve as a normative basis, combined with the main document version identification to organize differentiated testing matrices (BLE/USB/Net/power consumption) and interface change data tables.

📈 Data Highlights Table

Metric Today’s Status Significance
Main Development Tree Version 4.3.0-rc3 marked on the main document page. Candidate phase, suitable for pre-release validation and interface verification.
Milestone Time RC3 hard freeze on 11/07, target release on 11/14. Countdown phase, focusing on regression and launch preparation.
Work Highlights USB Device “Next” is the default, and the old stack is deprecated with explicit paths. Clarifies the scope of travel, reducing uncertainty in the launch.
Security Entry CVE-2025-12890 is actively updated on NVD. BLE peripherals should prioritize self-checks and temporary protection.
Reference Entry The release and process page can correspond to versions and nodes. Unifies the team’s release rhythm and orders.

💬 Interaction Guidance

Has your team completed the USB and Bluetooth special regression for the 4.3 candidate version, covering boundary cases for parameters and channel mappings? Feel free to share example designs and CI matrix experiences in the comments. Tomorrow, we will continue to track incremental changes and migration considerations before the 4.3 release, and supplement a list of common Bluetooth issues related to the USB “Next” stack.

🔗 Today’s Resource Quick Check

  • Official documentation homepage (main development tree version and navigation entry).

  • 4.3.0 working draft (release project and migration tips).

  • Release index page (version overview and links).

  • Release management Wiki (4.3 milestones and timeline).

  • NVD vulnerability database: CVE-2025-12890 entry.

  • Official news page (ecosystem and event announcements).

✅ Daily Release Check List

  • The title includes the date and core highlights, with the first screen providing version and security deprecation mainlines, structured according to v1.1.0 template requirements.

  • The news sections cover code/official/community/security/ecosystem, with quoted positioning language for quick validation and tracking.

  • The deep dive section focuses on the essential needs of the “upgrade window”, providing preliminary regression and migration path trajectories in conjunction with the working draft and milestones.

(The above content can be directly copied into the public account backend for release, and supplemented with images: milestone table screenshots, 4.3 working draft highlights, CVE entries, and interface difference comparison charts.)

Related posts

  1. Linux Kernel Character Module (Part 3)
  2. In-Depth Analysis of Arm Cortex-A320: An Ultra-Efficient Armv9 CPU Optimized for IoT
  3. New Bluetooth 5.0 Module Based on CC2652RB
  4. Social Norms as Group-Level LoRA: Low-Rank Adaptation and Rapid Alignment Dynamics in Cultural Evolution
  5. App Virtualization on Mac: Running Software Seamlessly
  6. Experience Linux Flavor on Windows: The Right Way to Make Your Terminal Soar
  7. User Feedback: Linux Version of Google Chrome 140 Disrupts Text Rendering
  8. Linux Configuration Management
  9. The Humorous sl Command in Linux
  10. Social Practice | AI Education Robot Research Team: Empowering Education with Technology, AI Leading the Future
  11. Why Do Cars Need to Connect ‘Wi-Fi’ to Space?
  12. Hilariously Creative Bluetooth Headphone Names
  13. Complete Learning Path for Embedded Development: 7 Stages from Zero to Linux System Development
  14. Getting Started with Zephyr: Devicetree Overlays
  15. Understanding the Invisible Weaver of the Internet of Things: ZigBee
  16. Summary of 13 Teardown Reports on OEM Vehicle Wireless Charging Modules
  17. AI and Traditional Culture Drive Significant Growth in Toy Export Orders
  18. How Do Antibody-Drug Conjugates (ADCs) Accurately Hit Their Targets? In-Depth Analysis of the Latest Analytical Techniques and Core Pharmacokinetic Modeling Strategies
  19. Theoretical Research on Self-assembled Phenobarbital and Acrylamide Systems

Leave a Comment