docs(protocomm): add advisory for 2 new CVE

2026-04-27 19:13:21 +00:00 · 2026-02-11 12:06:03 +05:30
parent c5d72691e6
commit d3c1584238
1 changed files with 24 additions and 0 deletions
@@ -21,6 +21,28 @@ WPS Enrollee Fragment Integer Underflow Vulnerability
 * Advisory pointer: `GHSA-m2h2-683f-9mw7`_


+CVE-2026-25508
+~~~~~~~~~~~~~~
+
+Use-after-free Vulnerability in BLE Provisioning
+
+* Espressif Advisory: NA (Published on GitHub)
+* Impact: Applicable for ESP-IDF
+* Resolution: Please see advisory for details
+* Advisory pointer: `GHSA-h7r3-gmg9-xjmg`_
+
+
+CVE-2026-25507
+~~~~~~~~~~~~~~
+
+Out-of-bounds Read Vulnerability in BLE Provisioning
+
+* Espressif Advisory: NA (Published on GitHub)
+* Impact: Applicable for ESP-IDF
+* Resolution: Please see advisory for details
+* Advisory pointer: `GHSA-9j5x-rf36-54x9`_
+
+
 CVE-2025
 --------

@@ -296,3 +318,5 @@ Security Advisory Concerning Wi-Fi Authentication Bypass
 .. _`GHSA-hmjj-rjvv-w8pq` : https://github.com/espressif/esp-idf/security/advisories/GHSA-hmjj-rjvv-w8pq
 .. _`GHSA-43gh-7r4f-qp57` : https://github.com/espressif/esp-idf/security/advisories/GHSA-43gh-7r4f-qp57
 .. _`GHSA-m2h2-683f-9mw7` : https://github.com/espressif/esp-idf/security/advisories/GHSA-m2h2-683f-9mw7
+.. _`GHSA-h7r3-gmg9-xjmg` : https://github.com/espressif/esp-idf/security/advisories/GHSA-h7r3-gmg9-xjmg
+.. _`GHSA-9j5x-rf36-54x9` : https://github.com/espressif/esp-idf/security/advisories/GHSA-9j5x-rf36-54x9