Vulnerability-Lookup

GHSA-P54Q-9GFQ-FVP4

Vulnerability from github – Published: 2026-01-10 12:30 – Updated: 2026-01-10 12:30

Details

Out-of-bounds Read vulnerability in Apache NimBLE HCI H4 driver. Specially crafted HCI event could lead to invalid memory read in H4 driver.

This issue affects Apache NimBLE: through 1.8.

This issue requires a broken or bogus Bluetooth controller and thus severity is considered low.

Users are recommended to upgrade to version 1.9, which fixes the issue.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2025-53470"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-01-10T10:15:50Z",
    "severity": null
  },
  "details": "Out-of-bounds Read vulnerability in Apache  NimBLE HCI H4 driver. Specially crafted HCI event could lead to invalid memory read in H4 driver.\n\nThis issue affects Apache NimBLE: through 1.8.\u00a0\n\nThis issue requires a broken or bogus Bluetooth controller and thus severity is considered low.\n\nUsers are recommended to upgrade to version 1.9, which fixes the issue.",
  "id": "GHSA-p54q-9gfq-fvp4",
  "modified": "2026-01-10T12:30:16Z",
  "published": "2026-01-10T12:30:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53470"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/mynewt-nimble/commit/b973df0c6cf7b30efbf8eb2cafdc1ee843464b76"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread/32sm0944dyod4sdql77stgyw9xb2msc0"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2026/01/08/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CVE-2025-53470 (GCVE-0-2025-53470)

Vulnerability from cvelistv5 – Published: 2026-01-10 09:46 – Updated: 2026-01-10 10:06

Title

Apache Mynewt NimBLE: Out-of-Bounds Write Vulnerability in NimBLE HCI H4 driver

Summary

Out-of-bounds Read vulnerability in Apache NimBLE HCI H4 driver. Specially crafted HCI event could lead to invalid memory read in H4 driver. This issue affects Apache NimBLE: through 1.8. This issue requires a broken or bogus Bluetooth controller and thus severity is considered low. Users are recommended to upgrade to version 1.9, which fixes the issue.

Severity ?

No CVSS data available.

CWE

CWE-125 - Out-of-bounds Read

Assigner

apache

References

URL

Tags

	https://github.com/apache/mynewt-nimble/commit/b9…	patch
	https://lists.apache.org/thread/32sm0944dyod4sdql…	vendor-advisory

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Mynewt NimBLE	Affected: 0 , ≤ 1.8 (semver)

Credits

雷重庆 <leicq@seu.edu.cn>

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2026-01-10T10:06:49.945Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2026/01/08/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Mynewt NimBLE",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "1.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "\u96f7\u91cd\u5e86 \u003cleicq@seu.edu.cn\u003e"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eOut-of-bounds Read vulnerability in Apache  NimBLE HCI H4 driver. Specially crafted HCI event could lead to invalid memory read in H4 driver.\u003c/p\u003e\u003cp\u003eThis issue affects Apache NimBLE: through 1.8.\u0026nbsp;\u003c/p\u003e\u003cp\u003eThis issue requires a broken or bogus Bluetooth controller and thus severity is considered low.\u003c/p\u003e\u003cp\u003eUsers are recommended to upgrade to version 1.9, which fixes the issue.\u003c/p\u003e"
            }
          ],
          "value": "Out-of-bounds Read vulnerability in Apache  NimBLE HCI H4 driver. Specially crafted HCI event could lead to invalid memory read in H4 driver.\n\nThis issue affects Apache NimBLE: through 1.8.\u00a0\n\nThis issue requires a broken or bogus Bluetooth controller and thus severity is considered low.\n\nUsers are recommended to upgrade to version 1.9, which fixes the issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "low"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125 Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-01-10T09:46:35.789Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/apache/mynewt-nimble/commit/b973df0c6cf7b30efbf8eb2cafdc1ee843464b76"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/32sm0944dyod4sdql77stgyw9xb2msc0"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Apache Mynewt NimBLE: Out-of-Bounds Write Vulnerability in NimBLE HCI H4 driver",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2025-53470",
    "datePublished": "2026-01-10T09:46:35.789Z",
    "dateReserved": "2025-06-30T13:43:23.389Z",
    "dateUpdated": "2026-01-10T10:06:49.945Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

GHSA-P54Q-9GFQ-FVP4

CVE-2025-53470 (GCVE-0-2025-53470)

Tags

Sightings

Nomenclature