6 matches found
CVE-2026-46532 ESF-IDF: Heap Out-of-Bounds Read in Bluedroid AVRCP Target Parser
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0, an out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser avrcparsvendorcmd in components/bt/host/bluedroid/stack/avrc/avrcparstg.c. This issue has been patched ...
CVE-2026-46532 ESF-IDF: Heap Out-of-Bounds Read in Bluedroid AVRCP Target Parser
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0, an out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser avrcparsvendorcmd in components/bt/host/bluedroid/stack/avrc/avrcparstg.c. This issue has been patched ...
CVE-2026-46532
CVE-2026-46532 describes a heap/out-of-bounds read in Espressif’s ESF-IDF (IoT Development Framework) due to the BlueDroid AVRCP vendor-command parser (avrc_pars_vendor_cmd) in bluedroid. Affected versions are 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0. The issue has been patched in 5.2.7, 5.3.6, 5.4.5,...
ESP-IDF 缓冲区错误漏洞
ESP-IDF is an open-source development framework for Espressif’s SoCs, supported on Windows, Linux, and macOS. Versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0 of ESP-IDF contain buffer error vulnerabilities, which stem from out-of-bounds reads in the BlueDroid AVRCP vendor-command parser...
PT-2026-48354
Name of the Vulnerable Software and Affected Versions ESF-IDF version 5.2.6 ESF-IDF version 5.3.5 ESF-IDF version 5.4.4 ESF-IDF version 5.5.3 ESF-IDF version 6.0 Description An out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser within the avrc pars vendor cmd function located ...
CVE-2022-20221
In avrcctrlparsvendorcmd of avrcparsct.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...