Vulnerabilities > CVE-2024-6442 - Out-of-bounds Write vulnerability in Zephyrproject Zephyr 3.2.01

047910
CVSS 6.5 - MEDIUM
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
low complexity
zephyrproject
CWE-787
NVD
Published: 2024-10-04
Updated: 2024-11-13

Summary

In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow.

Vulnerable Configurations

Part Description Count
OS
Zephyrproject
1

Common Weakness Enumeration (CWE)

References