CVE-2023-0396

CVE-2023-0396: Buffer Overreads in Bluetooth HCI

Vendor Zephyrproject-Rtos
Product zephyr
Weakness CWE-126
Published January 19, 2023
Last update April 3, 2025

CVSS base score

What the vulnerability does

01Description

A malicious / defective bluetooth controller can cause buffer overreads in the most functions that process HCI command responses.

Key dates

02Disclosure timeline

January 19, 2023 CVE published
April 3, 2025 Record updated