CVE-2024-8798 | zephyrproject-rtos Zephyr up to 3.7 ots_client.c olcp_ind_handler heap-based overflow (GHSA-r7pm-f93f-f7fp)

Posted by Angelo Barbosa | Dec 16, 2024 | CVE

A vulnerability classified as critical was found in zephyrproject-rtos Zephyr up to 3.7. Affected by this vulnerability is the function olcp_ind_handler of the file zephyr/subsys/bluetooth/services/ots/ots_client.c. The manipulation leads to heap-based buffer overflow.

This vulnerability is known as CVE-2024-8798. The attack can be launched remotely. There is no exploit available.

CVE-2024-8798 | zephyrproject-rtos Zephyr up to 3.7 ots_client.c olcp_ind_handler heap-based overflow (GHSA-r7pm-f93f-f7fp)

Related Posts

CVE-2024-28395 | Best-Kit bestkit_popup up to 1.7.2 on PrestaShop bestkit_popup.php sql injection

CVE-2024-51037 | kalcaddle kodbox up to 1.52.04 Captcha information disclosure

VDB-267980 | Amazon AWS IAM Identity Center JTI authentication replay

CVE-2024-4035 | Photo Gallery plugin up to 2.7.7.21 on WordPress cross site scripting