{"id":"CVE-2024-51569","details":"Out-of-bounds Read vulnerability in Apache NimBLE.\n\nMissing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory.\nThis issue requires broken or bogus Bluetooth controller and thus severity is considered low.\nThis issue affects Apache NimBLE: through 1.7.0.\n\n\nUsers are recommended to upgrade to version 1.8.0, which fixes the issue.","modified":"2026-04-12T10:54:01.885009Z","published":"2024-11-26T12:15:21.113Z","references":[{"type":"ADVISORY","url":"https://lists.apache.org/thread/q0vs5rddx1lho30xnpsrvpzgxqmywnhs"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2024/11/26/5"},{"type":"FIX","url":"https://github.com/apache/mynewt-nimble/commit/4e3ac5b6e7c7df63a594c4ff6839e266b4ccfed9"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/apache/mynewt-nimble","events":[{"introduced":"0"},{"fixed":"ca67e3015eec30eb97c853112441082d709e43ba"},{"fixed":"4e3ac5b6e7c7df63a594c4ff6839e266b4ccfed9"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.8.0"}]}}],"versions":["nimble_1_5_0_rc1_tag","nimble_1_5_0_tag","nimble_1_6_0_rc1_tag","nimble_1_6_0_tag","nimble_1_7_0_rc1_tag","nimble_1_7_0_tag"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-51569.json","vanir_signatures":[{"source":"https://github.com/apache/mynewt-nimble/commit/4e3ac5b6e7c7df63a594c4ff6839e266b4ccfed9","signature_version":"v1","signature_type":"Function","target":{"file":"nimble/host/src/ble_hs_hci_evt.c","function":"ble_hs_hci_evt_num_completed_pkts"},"digest":{"length":688,"function_hash":"149545795026646355959144903601164278261"},"id":"CVE-2024-51569-ac6733fa","deprecated":false},{"source":"https://github.com/apache/mynewt-nimble/commit/4e3ac5b6e7c7df63a594c4ff6839e266b4ccfed9","signature_version":"v1","signature_type":"Line","target":{"file":"nimble/host/src/ble_hs_hci_evt.c"},"digest":{"threshold":0.9,"line_hashes":["291555549076039423046587085229551515186","72738967634729289054543148522589364227","73950164890749064837400529637942075084"]},"id":"CVE-2024-51569-fb7685e1","deprecated":false}],"vanir_signatures_modified":"2026-04-12T10:54:01Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}