CVSS 3.1 score: 6.5
CVE-2024-6258: Bluetooth: Data overflow in certain Bluetooth connections
Summary
The Bluetooth function rfcomm_handle_data in Zephyr does not check the length of the net_buf it processes, so data can be written to memory without bounds (a heap-based buffer overflow), potentially leading to security issues. This affects devices using Bluetooth connections in certain situations, and can be mitigated by updating the affected software.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions |
|---|---|---|
| zephyrproject | zephyr | < 3.6.0 (cpe:2.3:o:zephyrproject:zephyr:\*:\*:\*:\*:\*:\*:\*:\*) |
Original title
BT: Missing length checks of net_buf in rfcomm_handle_data
Original description
BT: Missing length checks of net_buf in rfcomm_handle_data
nvd CVSS3.1
6.5
Vulnerability type
CWE-122: Heap-based Buffer Overflow
CWE-191: Integer Underflow (Wrap or Wraparound)
- https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7833-fcpm-... (Exploit, Vendor Advisory)
Published: 13 Sep 2024 · Updated: 15 Jun 2026 · First seen: 7 Mar 2026