CVE-2024-6442 | zephyrproject-rtos Zephyr up to 3.6 Global Buffer ascs.c ascs_cp_rsp_add out-of-bounds write (GHSA-m22j-ccg7-4v4h)

Posted by Angelo Barbosa | Oct 4, 2024 | CVE

A vulnerability classified as critical has been found in zephyrproject-rtos Zephyr up to 3.6. This affects the function ascs_cp_rsp_add of the file /subsys/bluetooth/audio/ascs.c of the component Global Buffer Handler. The manipulation leads to out-of-bounds write.

This vulnerability is uniquely identified as CVE-2024-6442. Access to the local network is required for this attack. There is no exploit available.

CVE-2024-6442 | zephyrproject-rtos Zephyr up to 3.6 Global Buffer ascs.c ascs_cp_rsp_add out-of-bounds write (GHSA-m22j-ccg7-4v4h)

Related Posts

CVE-2024-39876 | Siemens SINEMA Remote Connect Server up to 3.2 allocation of resources (ssa-381581)

CVE-2023-7245 | OpenVPN Connect Node.js Framework ELECTRON_RUN_AS_NODE neutralization of directives

CVE-2024-30631 | Tenda FH1205 2.0.0.7(775) /goform/openSchedWifi setSchedWifi schedStartTime stack-based overflow

CVE-2024-21894 | Ivanti Connect Secure/Policy Secure IPSec heap-based overflow