Description
ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In versions 5.2.6, 5.3.5, 5.4.4, 5.5.3, and 6.0, an out-of-bounds read exists in the BlueDroid AVRCP vendor-command parser (avrc_pars_vendor_cmd() in components/bt/host/bluedroid/stack/avrc/avrc_pars_tg.c). This issue has been patched in versions 5.2.7, 5.3.6, 5.4.5, 5.5.4, and 6.0.1.
CVSS breakdown
CVSS 3.1
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
Low
Affected products
- espressif / esp-idf= 5.2.6 – = 5.2.6
- espressif / esp-idf= 5.3.5 – = 5.3.5
- espressif / esp-idf= 5.4.4 – = 5.4.4
- espressif / esp-idf= 5.5.3 – = 5.5.3
- espressif / esp-idf= 6.0 – = 6.0
References
- VENDOR_ADVISORYhttps://github.com/espressif/esp-idf/security/advisories/GHSA-3pp8-42fh-3j3c
- PATCHhttps://github.com/espressif/esp-idf/commit/56053c4d1f37955ccf296cf2f6dfd0f7ebd4fae6
- PATCHhttps://github.com/espressif/esp-idf/commit/60f9362f83a05942069532f357c234cd5e5d4302
- PATCHhttps://github.com/espressif/esp-idf/commit/7c004d3fe3022f5f0db98dd1b2d0648a3a9cfb3f
- PATCHhttps://github.com/espressif/esp-idf/commit/8746e5f7e762ead84d2902edec34d84cdd701b2b
- PATCHhttps://github.com/espressif/esp-idf/commit/b0959b5ab1dc60398a916c80f14b1816780c801e
- PATCHhttps://github.com/espressif/esp-idf/commit/c53d05ae526607ca5eae9ffedaf57775eec33a4f