Описание
Out-of-bounds Read vulnerability in Apache NimBLE HCI H4 driver. Specially crafted HCI event could lead to invalid memory read in H4 driver.
This issue affects Apache NimBLE: through 1.8.
This issue requires a broken or bogus Bluetooth controller and thus severity is considered low.
Users are recommended to upgrade to version 1.9, which fixes the issue.
Ссылки
- Patch
- Mailing ListVendor Advisory
- Mailing ListThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.9.0 (исключая)
cpe:2.3:a:apache:nimble:*:*:*:*:*:*:*:*
EPSS
Процентиль: 6%
0.00025
Низкий
3.1 Low
CVSS3
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 3.1
github
29 дней назад
Out-of-bounds Read vulnerability in Apache NimBLE HCI H4 driver. Specially crafted HCI event could lead to invalid memory read in H4 driver. This issue affects Apache NimBLE: through 1.8. This issue requires a broken or bogus Bluetooth controller and thus severity is considered low. Users are recommended to upgrade to version 1.9, which fixes the issue.
EPSS
Процентиль: 6%
0.00025
Низкий
3.1 Low
CVSS3
Дефекты
CWE-125