Severity: low Affected versions:
- Apache NimBLE through 1.7.0 Description: Improper Validation of Array Index vulnerability in Apache NimBLE. Lack of input validation for HCI events from controller could result in out-of-bound memory corruption and crash. This issue requires broken or bogus Bluetooth controller and thus severity is considered low. This issue affects Apache NimBLE: through 1.7.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue. Credit: Eunkyu Lee (reporter) References: https://mynewt.apache.org/ https://www.cve.org/CVERecord?id=CVE-2024-47249
