Apache Mynewt NimBLE: NULL Pointer Dereference in NimBLE host HCI...

7.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Description

NULL Pointer Dereference vulnerability in Apache Nimble.

Missing validation of HCI connection complete or HCI command TX buffer could lead to NULL pointer dereference.
This issue requires disabled asserts and broken or bogus Bluetooth controller and thus severity is considered low.

This issue affects Apache NimBLE: through 1.8.0.

Users are recommended to upgrade to version 1.9.0, which fixes the issue.

Basic Information

ID CVE-2025-53477

Source apache

Published Jan 10, 2026 at 09:45

Modified Jan 12, 2026 at 16:54

Affected Product

Vendor Apache Software Foundation

Product Apache Mynewt NimBLE

Affected Versions Apache Software Foundation Apache Mynewt NimBLE 0

CWE Classification

CWE-476

References

{
    "lastseen": "",
    "description": "NULL Pointer Dereference vulnerability in Apache Nimble.\n\nMissing validation of HCI connection complete or HCI command TX buffer could lead to NULL pointer dereference.\nThis issue requires disabled asserts and broken or bogus Bluetooth controller and thus severity is considered low.\n\nThis issue affects Apache NimBLE: through 1.8.0.\n\nUsers are recommended to upgrade to version 1.9.0, which fixes the issue.",
    "published": "2026-01-10T09:45:27.630Z",
    "modified": "2026-01-12T16:54:48.496Z",
    "type": "cve",
    "title": "Apache Mynewt NimBLE: NULL Pointer Dereference in NimBLE host HCI layer",
    "source": "apache",
    "references": "https://github.com/apache/mynewt-nimble/commit/0caf9baeb271ede85fcc5237ab87ddbf938600da\nhttps://github.com/apache/mynewt-nimble/commit/3160b8c4c7ff8db4e0f9badcdf7df684b151e077\nhttps://lists.apache.org/thread/1dxthc132hwm2tzvjblrtnschcsbw2vo",
    "id": "CVE-2025-53477",
    "bulletinFamily": "",
    "cwe": [
        "CWE-476"
    ],
    "cvelist": null,
    "sourceData": "Apache Software Foundation Apache Mynewt NimBLE 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Apache Mynewt NimBLE",
    "version": "0",
    "vendor": "Apache Software Foundation",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Apache Mynewt NimBLE: NULL Pointer Dereference in NimBLE host HCI layer_CVE-2025-53477