First published: Tue Nov 21 2023(Updated: )
An malicious BLE device can cause buffer overflow by sending malformed advertising packet BLE device using Zephyr OS, leading to DoS or potential RCE on the victim BLE device.
|Affected Software||Affected Version||How to fix|
CVE-2023-4424 is a vulnerability that allows a malicious BLE device to cause a buffer overflow in Zephyr OS, potentially leading to denial of service (DoS) or remote code execution (RCE) on the victim BLE device.
CVE-2023-4424 affects Zephyr OS versions up to and including 3.4.0.
The potential consequences of CVE-2023-4424 include denial of service (DoS) or potential remote code execution (RCE) on the victim BLE device.
To fix the CVE-2023-4424 vulnerability, it is recommended to update Zephyr OS to a version higher than 3.4.0.
You can find more information about CVE-2023-4424 in the Zephyr OS security advisory: [link](https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-j4qm-xgpf-qjw3)