CVE-2025-9558
Bluetooth: Mesh: Out-of-Bound Write in gen_prov_start
There is a potential OOB Write vulnerability in the gen_prov_start function in pb_adv.c. The full length of the received data is copied into the link.rx.buf receiver buffer without any validation on the data size.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Productos afectados
zephyrproject-rtos · Zephyr¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →