CVE-2026-10641: bounds in zephyrproject zephyr
Zephyr's Bluetooth Classic Hands-Free Profile (HFP) Hands-Free role parser (subsys/bluetooth/host/classic/hfp_hf.c) contains an out-of-bounds write. During Service Level Connection setup the HF sends AT+CIND=? and parses the AG's +CIND: response in cind_handle(), which assigns a per-entry counter index and calls cind_handle_values() for each list element. cind_handle_values() then wrote hf-ind_table[index] = i without verifying that index is within the 20-element int8_t ind_table[] array of struct bt_hfp_hf. Because the parser places no cap on the number of +CIND: list entries, a remote Attendant Gateway (a malicious, compromised, or spoofed peer the device connects to over Bluetooth) can send a response with more than 20 recognized indicator entries and drive index arbitrarily large, writing a small attacker-positioned value past the array into adjacent struct fields (feature masks, SDP/version state, the calls[] array, work/atomic bookkeeping) and potentially beyond the static connection pool slot. This yields memory corruption and at least denial of service of the Bluetooth host, triggered by a single malformed AT response with no user interaction. The sibling consumer ag_indicator_handle_values() already performed the equivalent bounds check; this commit adds the same index = ARRAY_SIZE(hf-ind_table) guard to close the gap. Affects builds with CONFIG_BT_HFP_HF enabled; introduced with the original HFP HF CIND parser (~v1.7) and present through v4.4.0.
AI Analysis
Technical Summary
CVE-2026-10641 is an out-of-bounds write vulnerability in the Zephyr project's Bluetooth Classic HFP Hands-Free role parser located in subsys/bluetooth/host/classic/hfp_hf.c. During the Service Level Connection setup, the Hands-Free device sends AT+CIND=? and parses the +CIND: response from the Audio Gateway. The parser assigns an index to each indicator entry and writes to hf-ind_table[index] without verifying that the index is within the bounds of the 20-element int8_t ind_table[] array. Because there is no cap on the number of +CIND: entries, a malicious or compromised Audio Gateway can send more than 20 entries, causing an out-of-bounds write that corrupts adjacent memory structures. This can lead to denial of service of the Bluetooth host. The vulnerability was introduced around version 1.7.0 and is present through version 4.4.0. The sibling function ag_indicator_handle_values() already had proper bounds checking, and the fix involves adding the same index guard to the vulnerable function.
Potential Impact
The vulnerability allows a remote Bluetooth Audio Gateway to send a specially crafted +CIND: response with more than 20 entries, causing an out-of-bounds write in the Bluetooth host's memory. This memory corruption can lead to denial of service of the Bluetooth host subsystem. There is no indication of confidentiality or availability impact beyond denial of service, and no user interaction is required to trigger the issue.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, avoid pairing with untrusted or unknown Bluetooth Audio Gateways when using Zephyr builds with CONFIG_BT_HFP_HF enabled. Monitor vendor channels for updates addressing this vulnerability.
CVE-2026-10641: bounds in zephyrproject zephyr
Description
Zephyr's Bluetooth Classic Hands-Free Profile (HFP) Hands-Free role parser (subsys/bluetooth/host/classic/hfp_hf.c) contains an out-of-bounds write. During Service Level Connection setup the HF sends AT+CIND=? and parses the AG's +CIND: response in cind_handle(), which assigns a per-entry counter index and calls cind_handle_values() for each list element. cind_handle_values() then wrote hf-ind_table[index] = i without verifying that index is within the 20-element int8_t ind_table[] array of struct bt_hfp_hf. Because the parser places no cap on the number of +CIND: list entries, a remote Attendant Gateway (a malicious, compromised, or spoofed peer the device connects to over Bluetooth) can send a response with more than 20 recognized indicator entries and drive index arbitrarily large, writing a small attacker-positioned value past the array into adjacent struct fields (feature masks, SDP/version state, the calls[] array, work/atomic bookkeeping) and potentially beyond the static connection pool slot. This yields memory corruption and at least denial of service of the Bluetooth host, triggered by a single malformed AT response with no user interaction. The sibling consumer ag_indicator_handle_values() already performed the equivalent bounds check; this commit adds the same index = ARRAY_SIZE(hf-ind_table) guard to close the gap. Affects builds with CONFIG_BT_HFP_HF enabled; introduced with the original HFP HF CIND parser (~v1.7) and present through v4.4.0.
CVSS v3.1
Score 7.1high
Affected software
Run on your own infrastructure? Check whether these packages are installed with threat-finder — our free open-source scanner.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-10641 is an out-of-bounds write vulnerability in the Zephyr project's Bluetooth Classic HFP Hands-Free role parser located in subsys/bluetooth/host/classic/hfp_hf.c. During the Service Level Connection setup, the Hands-Free device sends AT+CIND=? and parses the +CIND: response from the Audio Gateway. The parser assigns an index to each indicator entry and writes to hf-ind_table[index] without verifying that the index is within the bounds of the 20-element int8_t ind_table[] array. Because there is no cap on the number of +CIND: entries, a malicious or compromised Audio Gateway can send more than 20 entries, causing an out-of-bounds write that corrupts adjacent memory structures. This can lead to denial of service of the Bluetooth host. The vulnerability was introduced around version 1.7.0 and is present through version 4.4.0. The sibling function ag_indicator_handle_values() already had proper bounds checking, and the fix involves adding the same index guard to the vulnerable function.
Potential Impact
The vulnerability allows a remote Bluetooth Audio Gateway to send a specially crafted +CIND: response with more than 20 entries, causing an out-of-bounds write in the Bluetooth host's memory. This memory corruption can lead to denial of service of the Bluetooth host subsystem. There is no indication of confidentiality or availability impact beyond denial of service, and no user interaction is required to trigger the issue.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, avoid pairing with untrusted or unknown Bluetooth Audio Gateways when using Zephyr builds with CONFIG_BT_HFP_HF enabled. Monitor vendor channels for updates addressing this vulnerability.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- zephyr
- Date Reserved
- 2026-06-02T15:11:41.956Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a32a8960b89be6888635835
Added to database: 6/17/2026, 2:00:54 PM
Last enriched: 6/17/2026, 2:30:31 PM
Last updated: 6/17/2026, 4:44:24 PM
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.