Espressif · Esp-Idf · CVE-2025-68473
**Name of the Vulnerable Software and Affected Versions**
ESP-IDF versions 5.5.1 through 5.1.6 and earlier
**Description**
ESP-IDF is the Espressif Internet of Things (IoT) Development Framework. The Bluetooth host stack (BlueDroid) within ESP-IDF contains a flaw in the `bta_dm_sdp_result()` function. This function uses a fixed-size array, `uuid_list[32][MAX_UUID_SIZE]`, to store discovered service UUIDs during the Service Discovery Protocol (SDP) process. If the number of discovered Bluetooth services exceeds 32, subsequent writes to this array can result in an out-of-bounds write condition.
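The bug class described above, shown next to a bounded version, as an added example that is not ESP-IDF code. The names `uuid_table_t`, `UUID_SLOTS`, `collect_unchecked`, `collect_bounded` and `demo` are hypothetical, and `MAX_UUID_SIZE` is assumed to be 16 bytes (one 128-bit UUID).

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_UUID_SIZE 16  /* assumed value: one 128-bit UUID per slot */
#define UUID_SLOTS    32  /* first dimension of the array named in the advisory */

/* Hypothetical container for this example; not an ESP-IDF type. */
typedef struct {
    uint8_t uuid_list[UUID_SLOTS][MAX_UUID_SIZE];
    size_t  stored;   /* slots filled so far */
    size_t  dropped;  /* records refused because the table was full */
} uuid_table_t;

/* Unchecked pattern, for contrast: the slot index follows the record count
 * reported by the peer, so record 33 is written past the end of uuid_list. */
void collect_unchecked(uuid_table_t *t, const uint8_t *uuids, size_t n)
{
    for (size_t i = 0; i < n; i++)
        memcpy(t->uuid_list[t->stored++], uuids + i * MAX_UUID_SIZE, MAX_UUID_SIZE);
}

/* Bounded form: stop at capacity and count what was refused, so the caller
 * can report truncation instead of writing outside the array. */
size_t collect_bounded(uuid_table_t *t, const uint8_t *uuids, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (t->stored >= UUID_SLOTS) {
            t->dropped += n - i;
            break;
        }
        memcpy(t->uuid_list[t->stored++], uuids + i * MAX_UUID_SIZE, MAX_UUID_SIZE);
    }
    return t->stored;
}

/* Constructed input: n discovered services (n <= 64), UUID bytes set to the index. */
uuid_table_t demo(size_t n)
{
    static uint8_t uuids[64 * MAX_UUID_SIZE];
    uuid_table_t t;
    memset(&t, 0, sizeof t);
    if (n > 64) n = 64;
    for (size_t i = 0; i < n; i++)
        memset(uuids + i * MAX_UUID_SIZE, (int)i, MAX_UUID_SIZE);
    collect_bounded(&t, uuids, n);
    return t;
}
```

A non-zero `dropped` count is worth logging, since a peer advertising more services than the table holds is exactly the condition the advisory describes.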
**Recommendations**
Versions prior to 5.1.6 are affected.
Versions 5.1.6, 5.2.6, 5.3.4, 5.4.3, and 5.5.1 are affected.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.