In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerability can be triggered during provisioning.
zephyrproject zephyr