
Commit

doc: security: CVE-2024-3077 left embargo
Disclose information about CVE-2024-3077.

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
Flavio Ceolin authored and nashif committed Apr 4, 2024
1 parent 6e4bdb7 commit 2e053e8
Showing 1 changed file with 14 additions and 0 deletions.
14 changes: 14 additions & 0 deletions doc/security/vulnerabilities.rst
Expand Up @@ -1699,3 +1699,17 @@ This has been fixed in main for v3.6.0

- `PR 69170 fix for main
<https://github.com/zephyrproject-rtos/zephyr/pull/69170>`_

CVE-2024-3077
-------------

Bluetooth: Integer underflow in gatt_find_info_rsp. A malicious BLE
device can crash BLE victim device by sending malformed gatt packet.

- `Zephyr project bug tracker GHSA-gmfv-4vfh-2mh8
<https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gmfv-4vfh-2mh8>`_

This has been fixed in main for v3.7.0

- `PR 69396 fix for main
<https://github.com/zephyrproject-rtos/zephyr/pull/69396>`_
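
Review bot: The new CVE-2024-3077 entry names only the fix on main ("This has been fixed in main for v3.7.0", PR 69396) and does not say which released versions are affected or whether a backport exists, so a reader on a release branch cannot tell from this entry whether they need to act. Consider adding an affected-versions line, plus backport PR links if there are any. Minor wording in the description: "can crash BLE victim device by sending malformed gatt packet" would read better as "can crash a BLE victim device by sending a malformed GATT packet".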
