CVE-2020-6616

2020-05-08T20:15:00
ID CVE-2020-6616
Type cve
Reporter cve@mitre.org
Modified 2021-07-21T11:39:00

Description

Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing. This affects, for example, Samsung Galaxy S8, S8+, and Note8 devices with the BCM4361 chipset. The Samsung ID is SVE-2020-16882 (May 2020).