CVE-2026-10660: Shared reassembly buffer in Bluetooth BAP Broadcast Assistant enables cross-connection memory corruption
The Bluetooth BAP Broadcast Assistant GATT client in subsys/bluetooth/audio/bap_broadcast_assistant.c reassembled remote Broadcast Receive State data into a single file-static net_buf_simple (att_buf, BT_ATT_MAX_ATTRIBUTE_LEN = 512 bytes) shared by all connection instances, while the BUSY flag, long-read handle, and reset/offset state were per-connection.
When the device acts as a Broadcast Assistant connected to multiple Scan Delegator peripherals, notification and long-read callbacks from different connections interleave on the shared buffer: the append in notify_handler (net_buf_simple_add_mem at the not-busy branch) performs no tailroom check, so receive-state notifications from two or more delegators accumulate on the same 512-byte buffer and, with a sufficiently large configured ATT MTU (BT_L2CAP_TX_MTU up to 2000) and two-to-three concurrent connections, write past the buffer into adjacent .bss (net_buf_simple_add only asserts in debug builds).
Even below the overflow threshold, one connection's net_buf_simple_reset zeroes the shared length while another connection's reassembly and GATT read offset are in flight, mixing one peer's data into another's parse. A malicious or compromised Scan Delegator (or two colluding peers) over BLE can trigger this, causing out-of-bounds writes (memory corruption / denial of service) and cross-connection data corruption.
The fix moves the buffer into the per-connection instance struct so each connection reassembles into its own buffer. Affects Zephyr releases shipping the Broadcast Assistant with the shared buffer, including v4.4.0 and earlier.
Security readout for executives and security teams
Plain-English summary
CVE-2026-10660 affects Zephyr devices acting as Bluetooth BAP Broadcast Assistants. Multiple connected BLE Scan Delegators can interfere with one shared reassembly buffer, causing memory corruption, denial of service, or mixed peer data. The advisory reports a patch, but there is no evidence of active exploitation in the provided sources.
Executive priority
Prioritize assessment for Bluetooth audio or LE Audio products using Zephyr. This is not internet-reachable and has high attack complexity, but successful exploitation can disrupt devices or corrupt memory, which matters for safety, availability, and field reliability.
Technical view
The Broadcast Assistant GATT client used one file-static 512-byte net_buf_simple for all connections while tracking busy, offset, and reset state per connection. Interleaved notification and long-read callbacks can append without a tailroom check or reset another connection's buffer state, causing out-of-bounds writes and cross-connection parsing corruption.
Likely exposure
Exposure is most likely in embedded products running Zephyr with Bluetooth audio Broadcast Assistant functionality enabled and connected to multiple Scan Delegator peripherals. The bundle says releases shipping the shared buffer are affected, including v4.4.0 and earlier, but its affected-version metadata only lists Zephyr 3.6.0, so version scope should be verified against the advisory.
Exploitation context
The attacker must be within BLE range and operate a malicious or compromised Scan Delegator, or coordinate multiple peers. The CVSS vector is adjacent network, high complexity, no privileges, and no user interaction. The source bundle marks KEV false and provides no cited evidence of exploitation in the wild.
Researcher notes
Focus validation on concurrent connection behavior in the Broadcast Assistant GATT client. The key flaw is state separation failure: per-connection control state with a global data buffer. Avoid assuming broader Zephyr Bluetooth impact without source confirmation. The provided version data is incomplete or inconsistent and should be reconciled with upstream GHSA metadata.
Mitigation direction
Apply the Zephyr fix commit or update to a vendor release containing it.
Track GHSA-73c7-3rh7-v5p9 for official fixed-version and backport guidance.
Disable Broadcast Assistant functionality where the product does not require it.
For downstream firmware, request vendor confirmation that the per-connection buffer fix is included.
Validation and detection
Inventory products using Zephyr Bluetooth audio Broadcast Assistant code.
Check whether bap_broadcast_assistant.c uses a shared file-static reassembly buffer.
Confirm patched builds move the receive-state buffer into per-connection instance state.
Review BLE configurations involving multiple Scan Delegator connections and large ATT MTU values.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cwe · low confidence lookup
CWE-787: Exact CWE lookup
Use the exact CWE identifier as the starting point before reviewing related ATT&CK behavior. Open the exact CWE lookup page first, then review the ATT&CK searches from that MITRE weakness context. This is a Glexia lookup hint, not an official ATT&CK mapping.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
We collect every scored CVSS vector available in the official CNA and ADP containers. When more than one version is present, the table keeps the source vectors side by side instead of collapsing them into the highest score.
CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.
CWE-787 · source CWE mapping
Out-of-bounds Write
Out-of-bounds Write represents a recurring weakness pattern that can create exploitable paths when design, validation, or implementation controls are missing.