Vulnerabilities > CVE-2024-6444 - Out-of-bounds Write vulnerability in Zephyrproject Zephyr 3.2.01

047910
CVSS 6.5 - MEDIUM
Attack vector
ADJACENT_NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
low complexity
zephyrproject
CWE-787
NVD
Published: 2024-10-04
Updated: 2024-11-13

Summary

No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c.

Vulnerable Configurations

Part Description Count
OS
Zephyrproject
1

Common Weakness Enumeration (CWE)

References