From f4baa2b0947e3994a355c8fb6010516f69d68d2c Mon Sep 17 00:00:00 2001
From: Flavio Ceolin <flavio.ceolin@intel.com>
Date: Mon, 25 Sep 2023 14:53:27 -0700
Subject: [PATCH] doc: vuln: Add information about CVE-2023-4258

Information about CVE-2023-4258

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
---
 doc/security/vulnerabilities.rst | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/doc/security/vulnerabilities.rst b/doc/security/vulnerabilities.rst
index 92ccc0f3a7d..fa12af7e9a7 100644
--- a/doc/security/vulnerabilities.rst
+++ b/doc/security/vulnerabilities.rst
@@ -1339,6 +1339,25 @@ This has been fixed in main for v3.4.0
 - `PR 56709 fix for main
   <https://github.com/zephyrproject-rtos/zephyr/pull/56709>`_
 
+CVE-2023-4258
+-------------
+
+bt: mesh: vulnerability in provisioning protocol implementation on provisionee side
+
+- `Zephyr project bug tracker GHSA-m34c-cp63-rwh7
+  <https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-m34c-cp63-rwh7>`_
+
+This has been fixed in main for v3.5.0
+
+- `PR 59467 fix for main
+  <https://github.com/zephyrproject-rtos/zephyr/pull/59467>`_
+
+- `PR 60078 fix for 3.4
+  <https://github.com/zephyrproject-rtos/zephyr/pull/60078>`_
+
+- `PR 60079 fix for 3.3
+  <https://github.com/zephyrproject-rtos/zephyr/pull/60079>`_
+
 CVE-2023-4265
 -------------