CVE-2023-0396 Buffer Overreads in Bluetooth HCI

2023-01-1900:00:00

CWE-126

zephyr

www.cve.org

bluetooth

buffer overreads

malicious

hci command

EPSS

0.001

Percentile

35.2%

JSON

A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses.

CNA Affected

[
  {
    "vendor": "zephyrproject-rtos",
    "product": "zephyr",
    "versions": [
      {
        "version": "unspecified",
        "lessThanOrEqual": "v3.2",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8rpp-6vxq-pqg3

EPSS

0.001

Percentile

35.2%

JSON

Related for CVELIST:CVE-2023-0396