An integer overflow condition exists in Bluetooth Host stack, within the btbracl_recv routine a critical path for processing inbound BR/EDR L2CAP traffic.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/12xxx/CVE-2025-12035.json",
"cna_assigner": "zephyr",
"cwe_ids": [
"CWE-190"
]
}