Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:58 p.m.14 views

CVE-2026-5589

An integer underflow in btmeshsolrecv in the Bluetooth Mesh solicitation handling subsys/bluetooth/mesh/solicitation.c leads to an out-of-bounds write. When CONFIGBTMESHODPRIVPROXYSRV is enabled, the function parses solicitation PDUs from raw BLE advertising payloads. The AD parsing loop reads an...

6.3CVSS5.9AI score0.00218EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 8:16 p.m.10 views

CVE-2026-5589

An integer underflow in btmeshsolrecv in the Bluetooth Mesh solicitation handling subsys/bluetooth/mesh/solicitation.c leads to an out-of-bounds write. When CONFIGBTMESHODPRIVPROXYSRV is enabled, the function parses solicitation PDUs from raw BLE advertising payloads. The AD parsing loop reads an...

6.3CVSS0.00218EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 7:54 p.m.22 views

CVE-2026-5589

The CVE-2026-5589 issue affects the Bluetooth Mesh subsystem (bt_mesh_sol_recv in subsys/bluetooth/mesh/solicitation.c). When CONFIG_BT_MESH_OD_PRIV_PROXY_SRV is enabled, the AD parsing loop reads an attacker-controlled length (reported_len) and computes reported_len - 3 without ensuring reported...

6.3CVSS6.2AI score0.00218EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 7:54 p.m.31 views

CVE-2026-5589 Out-of-bounds write caused by an integer underflow in the Bluetooth Mesh subsystem.

An integer underflow in btmeshsolrecv in the Bluetooth Mesh solicitation handling subsys/bluetooth/mesh/solicitation.c leads to an out-of-bounds write. When CONFIGBTMESHODPRIVPROXYSRV is enabled, the function parses solicitation PDUs from raw BLE advertising payloads. The AD parsing loop reads an...

0.00218EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/04 7:54 p.m.11 views

EUVD-2026-34322

An integer underflow in btmeshsolrecv in the Bluetooth Mesh solicitation handling subsys/bluetooth/mesh/solicitation.c leads to an out-of-bounds write. When CONFIGBTMESHODPRIVPROXYSRV is enabled, the function parses solicitation PDUs from raw BLE advertising payloads. The AD parsing loop reads an...

6.2AI score0.00218EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 7:54 p.m.8 views

CVE-2026-5589 Out-of-bounds write caused by an integer underflow in the Bluetooth Mesh subsystem.

An integer underflow in btmeshsolrecv in the Bluetooth Mesh solicitation handling subsys/bluetooth/mesh/solicitation.c leads to an out-of-bounds write. When CONFIGBTMESHODPRIVPROXYSRV is enabled, the function parses solicitation PDUs from raw BLE advertising payloads. The AD parsing loop reads an...

6AI score0.00218EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.14 views

PT-2026-46319

Name of the Vulnerable Software and Affected Versions Bluetooth Mesh affected versions not specified Description An integer underflow occurs in the bt mesh sol recv function within the Bluetooth Mesh solicitation handling. When CONFIG BT MESH OD PRIV PROXY SRV is enabled, the function parses...

6.3CVSS5.7AI score0.00218EPSS
Exploits0References4
Rows per page
Query Builder