From 2e053e8116ea23e8b00ee848c5a17390c8e20bd4 Mon Sep 17 00:00:00 2001
From: Flavio Ceolin <flavio.ceolin@intel.com>
Date: Thu, 28 Mar 2024 22:36:14 -0700
Subject: [PATCH] doc: security: CVE-2024-3077 left embargo

Disclose information about CVE-2024-3077.

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
---
 doc/security/vulnerabilities.rst | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/doc/security/vulnerabilities.rst b/doc/security/vulnerabilities.rst
index 2eda89e11f..468098fa0c 100644
--- a/doc/security/vulnerabilities.rst
+++ b/doc/security/vulnerabilities.rst
@@ -1699,3 +1699,17 @@ This has been fixed in main for v3.6.0
 
 - `PR 69170 fix for main
   <https://github.com/zephyrproject-rtos/zephyr/pull/69170>`_
+
+CVE-2024-3077
+-------------
+
+Bluetooth: Integer underflow in gatt_find_info_rsp. A malicious BLE
+device can crash BLE victim device by sending malformed gatt packet.
+
+- `Zephyr project bug tracker GHSA-gmfv-4vfh-2mh8
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-gmfv-4vfh-2mh8>`_
+
+This has been fixed in main for v3.7.0
+
+- `PR 69396 fix for main
+  <https://github.com/zephyrproject-rtos/zephyr/pull/69396>`_