Zephyrproject: >> Zephyr >> 1.9.2 Security Vulnerabilities
No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-10-04
In utf8_trunc in zephyr/lib/utils/utf8.c, last_byte_p can point to one byte before the string pointer if the string is empty.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-10-04
In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-10-04
BT: HCI: adv_ext_report Improper discarding in adv_ext_report
CVSS Score
7.6
EPSS Score
0.002
Published
2024-09-13
BT: Unchecked user input in bap_broadcast_assistant
CVSS Score
6.3
EPSS Score
0.001
Published
2024-09-13
BT:Classic: Multiple missing buf length checks
CVSS Score
7.6
EPSS Score
0.002
Published
2024-09-13
BT: Classic: SDP OOB access in get_att_search_list
CVSS Score
7.6
EPSS Score
0.002
Published
2024-09-13
BT: Encryption procedure host vulnerability
CVSS Score
8.2
EPSS Score
0.001
Published
2024-09-13
BT: Missing length checks of net_buf in rfcomm_handle_data
CVSS Score
6.8
EPSS Score
0.002
Published
2024-09-13
BT: Missing Check in LL_CONNECTION_UPDATE_IND Packet Leads to Division by Zero
CVSS Score
7.6
EPSS Score
0.002
Published
2024-08-19