From 2f5b9577de87b710f4dcab4cbff6a0f9505fcb4d Mon Sep 17 00:00:00 2001 From: Flavio Ceolin Date: Fri, 13 Sep 2024 11:56:20 -0700 Subject: [PATCH] doc: security: Disclose CVE-2024-6258 Disclose information about published CVE. Signed-off-by: Flavio Ceolin --- doc/security/vulnerabilities.rst | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/doc/security/vulnerabilities.rst b/doc/security/vulnerabilities.rst index 59a77f60cba..35aec607ca6 100644 --- a/doc/security/vulnerabilities.rst +++ b/doc/security/vulnerabilities.rst @@ -1782,7 +1782,15 @@ Under embargo until 2024-09-11 CVE-2024-6258 ------------- -Under embargo until 2024-09-05 +BT: Missing length checks of net_buf in rfcomm_handle_data + +- `Zephyr project bug tracker GHSA-7833-fcpm-3ggm + `_ + +This has been fixed in main for v3.7.0 + +- `PR 74640 fix for main + `_ CVE-2024-6259 -------------
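Review bot: The new CVE-2024-6258 entry states only "This has been fixed in main for v3.7.0" and lists a single PR, so a reader on an older or LTS release cannot tell from this page whether their branch is affected or has received a backport. Suggest adding a line naming the affected versions and, if backport PRs exist, listing them next to PR 74640; if none are planned, say so explicitly. The title "BT: Missing length checks of net_buf in rfcomm_handle_data" names the defect but not its consequence, so a one-sentence impact summary taken from the GHSA-7833-fcpm-3ggm advisory would help readers triage without leaving the page. As the hunk appears here, both RST link targets before the closing `_` are empty; please confirm that the advisory and PR URLs are present in the committed file.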