3 matches found
CVE-2022-24893
ESP-IDF is the official development framework for Espressif SoCs. In Espressif’s Bluetooth Mesh SDK ESP-BLE-MESH, a memory corruption vulnerability can be triggered during provisioning, because there is no check for the SegN field of the Transaction Start PDU. This can result in memory corruption...
CVE-2022-24893
ESP-IDF Bluetooth Mesh (ESP-BLE-MESH) contains a memory corruption vulnerability (CVE-2022-24893) triggered during provisioning due to no check on the SegN field of the Transaction Start PDU. This can lead to memory corruption with potential attacker control of the system. Patch commits exist on ...
CVE-2022-24893 Espressif Bluetooth Mesh Stack Vulnerable to Out-of-bounds Write leading to memory buffer corruption
ESP-IDF is the official development framework for Espressif SoCs. In Espressif’s Bluetooth Mesh SDK ESP-BLE-MESH, a memory corruption vulnerability can be triggered during provisioning, because there is no check for the SegN field of the Transaction Start PDU. This can result in memory corruption...