CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6137 – BT: Classic: SDP OOB access in get_att_search_list
https://notcve.org/view.php?id=CVE-2024-6137
BT: Classic: SDP OOB access in get_att_search_list • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-pm38-7g85-cf4f • CWE-20: Improper Input Validation CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6135 – BT:Classic: Multiple missing buf length checks
https://notcve.org/view.php?id=CVE-2024-6135
BT:Classic: Multiple missing buf length checks • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-xcr5-5g98-mchp • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5931 – BT: Unchecked user input in bap_broadcast_assistant
https://notcve.org/view.php?id=CVE-2024-5931
BT: Unchecked user input in bap_broadcast_assistant • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-r8h3-64gp-wv7f • CWE-20: Improper Input Validation CWE-121: Stack-based Buffer Overflow •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-6258 – BT: Missing length checks of net_buf in rfcomm_handle_data
https://notcve.org/view.php?id=CVE-2024-6258
BT: Missing length checks of net_buf in rfcomm_handle_data • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7833-fcpm-3ggm • CWE-20: Improper Input Validation CWE-122: Heap-based Buffer Overflow CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5754 – BT: Encryption procedure host vulnerability
https://notcve.org/view.php?id=CVE-2024-5754
BT: Encryption procedure host vulnerability • https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gvv5-66hw-5qrc • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •