doc: security: Disclose CVE-2025-12890

ceolin · ceolin · commit afa08fbc69be · 2025-11-07T11:05:18.000-08:00
Disclose information about published CVE.

Signed-off-by: Flavio Ceolin &lt;flavio@hubblenetwork.com&gt;
diff --git a/doc/releases/release-notes-4.2.rst b/doc/releases/release-notes-4.2.rst
@@ -71,6 +71,8 @@ Security Vulnerability Related
 
 The following CVEs are addressed by this release:
 
+* :cve:`2025-12890` `Bluetooth: peripheral: Invalid handling of malformed connection request
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8hrf-pfww-83v9>`_
 * :cve:`2025-27809` `TLS clients may unwittingly skip server authentication
   <https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-1/>`_
 * :cve:`2025-27810` `Potential authentication bypass in TLS handshake
diff --git a/doc/security/vulnerabilities.rst b/doc/security/vulnerabilities.rst
@@ -2022,3 +2022,20 @@ Under embargo until 2025-11-24
 -----------------
 
 Under embargo until 2025-12-13
+
+:cve:`2025-12890`
+-----------------
+
+Bluetooth: peripheral: Invalid handling of malformed connection request
+
+Improper handling of malformed Connection Request with the interval
+set to be 1 (which supposed to be illegal) and the chM 0x7CFFFFFFFF
+triggers a crash. The peripheral will not be connectable after it.
+
+- `Zephyr project bug tracker GHSA-8hrf-pfww-83v9
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8hrf-pfww-83v9>`_
+
+This has been fixed in main for v4.2.0
+
+- `PR 89955 fix for main
+  <https://github.com/zephyrproject-rtos/zephyr/pull/89955>`_
