CVE-2019-13916
CVE-2019-13916 affects Cypress/WICED Studio 6.2 on CYW20735B1 and CYW20819A1. A BLE packet received is copied into a heap (ThreadX Block) buffer; the dhmulp_getRxBuffer allocation is four bytes too small for the max 255 bytes plus headers. This can corrupt a pointer in the g_mm_BLEDeviceToHostPoo...