The specific flaw exists within the PBAP_DecodeVCARD function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root.
Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
Alpine conducted a Threat Assessment and Remediation Analysis (TARA) in accordance with ISO21434, and concluded that the vulnerability is classified as "Sharing the Risk". Alpine states that they will continue to use the current software without a releasing patch.
Link | Providers |
---|---|
https://www.zerodayinitiative.com/advisories/ZDI-24-850/ |
![]() ![]() |
Tue, 12 Aug 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Alpsalpine
Alpsalpine ilx-f509 Alpsalpine ilx-f509 Firmware |
|
CPEs | cpe:2.3:o:alpine-usa:ilx-f509_firmware:*:*:*:*:*:*:*:* |
cpe:2.3:h:alpsalpine:ilx-f509:-:*:*:*:*:*:*:* cpe:2.3:o:alpsalpine:ilx-f509_firmware:*:*:*:*:*:*:*:* |
Vendors & Products |
Alpine-usa
Alpine-usa ilx-f509 Alpine-usa ilx-f509 Firmware |
Alpsalpine
Alpsalpine ilx-f509 Alpsalpine ilx-f509 Firmware |
Mon, 30 Jun 2025 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
cvssV3_1
|
Tue, 24 Jun 2025 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Alpine-usa
Alpine-usa ilx-f509 Alpine-usa ilx-f509 Firmware |
|
CPEs | cpe:2.3:h:alpine-usa:ilx-f509:-:*:*:*:*:*:*:* cpe:2.3:o:alpine-usa:ilx-f509_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Alpine-usa
Alpine-usa ilx-f509 Alpine-usa ilx-f509 Firmware |
Mon, 24 Mar 2025 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-94 | |
Metrics |
cvssV3_1
|
Tue, 18 Feb 2025 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-863 | |
Metrics |
cvssV3_1
|
Fri, 31 Jan 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-863 | |
Metrics |
cvssV3_1
|
Fri, 31 Jan 2025 00:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists within the PBAP_DecodeVCARD function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. | |
Title | Alpine Halo9 Stack-based Buffer Overflow | |
References |
|

Status: PUBLISHED
Assigner: icscert
Published:
Updated: 2025-07-01T13:41:46.822Z
Reserved: 2024-01-25T00:14:40.299Z
Link: CVE-2024-23963

Updated: 2025-01-31T16:58:31.844Z

Status : Analyzed
Published: 2025-01-31T00:15:09.483
Modified: 2025-08-12T18:13:43.270
Link: CVE-2024-23963

No data.

No data.