CVE-2025-10456

High CVSS: 7.1

A vulnerability was identified in the handling of Bluetooth Low Energy (BLE) fixed channels (such as SMP or ATT). Specifically, an attacker could exploit a flaw that causes the BLE target (i.e., the device under attack) to attempt to disconnect a fixed channel, which is not allowed per the Bluetooth specification. This leads to undefined behavior, including potential assertion failures, crashes, or memory corruption, depending on the BLE stack implementation.

Vendor

Zephyrproject

Product

Zephyr

CWE

CWE-190

Yayın Tarihi

2025-09-19 06:15:34

Güncelleme

2025-10-29 18:16:37

Source Identifier

vulnerabilities@zephyrproject.org

KEV Date Added

Kategoriler

CWE-190 Zephyr HIGH Zephyrproject 2025

Referanslar

https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-hcc8-3qr7-c9m8

Benzer Kayıtlar

High

CVE-2026-1679

The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; ove…

Medium

CVE-2026-4179

Issues in stm32 USB device driver (drivers/usb/device/usb_dc_stm32.c) can lead to an infinite while loop.

Low

CVE-2026-0849

Malformed ATAES132A responses with an oversized length field overflow a 52-byte stack buffer in the Zephyr crypto driver…

Critical

CVE-2026-1678

dns_unpack_name() caches the buffer tailroom once and reuses it while appending DNS labels. As the buffer grows, the cac…

High

CVE-2025-10458

Parameters are not validated or sanitized, and are later used in various internal operations.

High

CVE-2025-7403

Unsafe handling in bt_conn_tx_processor causes a use-after-free, resulting in a write-before-zero. The written 4 bytes a…