What the vulnerability does
01Description
In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning.
CVE-2022-1042
HIGH
CVE-2022-1042: Out-of-bound write vulnerability in the Bluetooth mesh core stack can be triggered during provisioning
CVSS base score
8.2/10
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L
Key dates
02Disclosure timeline
July 26, 2022
CVE published
September 16, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-4421 EfiSmiServices: gEfiSmmCpuProtocol, SMM memory corruption vulnerabilities in SMM module
CVE-2022-28829 Adobe FrameMaker Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2021-21066 Adobe Bridge Font Parsing Out-Of-Bounds Write Arbitrary Code Execution Vulnerability
CVE-2021-3721
CVE-2023-20109
