diff --git a/include/bluetooth/hci.h b/include/bluetooth/hci.h
index e804a35614..604722113b 100644
--- a/include/bluetooth/hci.h
+++ b/include/bluetooth/hci.h
@@ -104,6 +104,7 @@ static inline bool bt_addr_le_is_identity(const bt_addr_le_t *addr)
 #define BT_HCI_ERR_CMD_DISALLOWED 0x0c
 #define BT_HCI_ERR_INSUFFICIENT_RESOURCES 0x0d
 #define BT_HCI_ERR_UNSUPP_FEATURE_PARAMS_VAL 0x11
+#define BT_HCI_ERR_INVALID_PARAMS 0x12
 #define BT_HCI_ERR_REMOTE_USER_TERM_CONN 0x13
 #define BT_HCI_ERR_PAIRING_NOT_ALLOWED 0x18
 #define BT_HCI_ERR_UNSUPP_REMOTE_FEATURE 0x1a
diff --git a/subsys/bluetooth/host/hci_ecc.c b/subsys/bluetooth/host/hci_ecc.c
index b06391fd03..eea18e98d2 100644
--- a/subsys/bluetooth/host/hci_ecc.c
+++ b/subsys/bluetooth/host/hci_ecc.c
@@ -171,11 +171,16 @@ static void emulate_le_generate_dhkey(struct net_buf *buf)
 uint32_t dhkey[8];
 } ecc;
- cmd = (void *)buf->data + sizeof(struct bt_hci_cmd_hdr);
+ if (buf->len < sizeof(*cmd)) {
+ send_cmd_status(BT_HCI_OP_LE_GENERATE_DHKEY,
+ BT_HCI_ERR_INVALID_PARAMS);
+ return;
+ }
- /* TODO verify cmd parameters? */
 send_cmd_status(BT_HCI_OP_LE_GENERATE_DHKEY, 0);
+ cmd = (void *)buf->data + sizeof(struct bt_hci_cmd_hdr);
+
 memcpy(ecc.pk.x, cmd->key, 32);
 memcpy(ecc.pk.y, &cmd->key[32], 32);
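Review bot: The new length check in emulate_le_generate_dhkey (subsys/bluetooth/host/hci_ecc.c) compares `buf->len` with `sizeof(*cmd)` only, yet `cmd` is then taken at `buf->data + sizeof(struct bt_hci_cmd_hdr)`, so the buffer apparently still begins with the command header. Assuming `buf->len` counts from `buf->data`, a packet that is short by up to the header size passes the check and the two `memcpy` calls read past the received data. The guard should cover both parts: `if (buf->len < sizeof(struct bt_hci_cmd_hdr) + sizeof(*cmd)) {`. Deriving the copy sizes from `sizeof(ecc.pk.x)` instead of the literal `32` would keep the check and the reads from drifting apart. The function body starts and ends outside the hunk.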