CVE-2023-5753

CVSS v3.1

8.8

High

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Zephyr (affected versions not specified)

Description The issue is related to potential buffer overflows in the Bluetooth subsystem due to asserts being disabled in /subsys/bluetooth/host/hci core.c. This vulnerability is associated with unverified copying of input data, which may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Underflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-191CWE-120

Related Identifiers

BDU:2024-01822

CVE-2023-5753

GHSA-HMPR-PX56-RVWW

Affected Products

Zephyr

CVE-2023-5753

Weakness Enumeration

Related Identifiers

Affected Products

References · 12