A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses.
The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Zephyr | Zephyrproject | * | 3.2.0 (including) |