zephyr
/
zephyr
mirror of https://github.com/zephyrproject-rtos/zephyr.git
1
0
Fork 0
Code Issues Releases Wiki Activity

doc: security: CVE-2024-3077 left embargo 

Disclose information about CVE-2024-3077.

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This commit is contained in:
Flavio Ceolin 2024-03-28 22:36:14 -07:00 committed by Anas Nashif
parent 6e4bdb7510
commit 2e053e8116
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
doc/security/vulnerabilities.rst
View File

@ -1699,3 +1699,17 @@ This has been fixed in main for v3.6.0
- `PR 69170 fix for main
<https://github.com/zephyrproject-rtos/zephyr/pull/69170>`_
CVE-2024-3077
-------------
Bluetooth: Integer underflow in gatt_find_info_rsp. A malicious BLE
device can crash BLE victim device by sending malformed gatt packet.
- `Zephyr project bug tracker GHSA-gmfv-4vfh-2mh8
<https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gmfv-4vfh-2mh8>`_
This has been fixed in main for v3.7.0
- `PR 69396 fix for main
<https://github.com/zephyrproject-rtos/zephyr/pull/69396>`_