CVE-2019-17519

The Bluetooth Low Energy implementation on NXP SDK through 2.2.1 for KW41Z devices does not properly restrict the Link Layer payload length, allowing attackers in radio range to cause a buffer overflow via a crafted packet...

CVE-2019-16336

The Bluetooth Low Energy implementation in Cypress PSoC 4 BLE component 3.61 and earlier processes data channel frames with a payload length larger than the configured link layer maximum RX payload size, which allows attackers in radio range to cause a denial of service crash via a crafted BLE Li...

CVE-2019-16336

The Bluetooth Low Energy implementation in Cypress PSoC 4 BLE component 3.61 and earlier processes data channel frames with a payload length larger than the configured link layer maximum RX payload size, which allows attackers in radio range to cause a denial of service crash via a crafted BLE Li...

Reverse Engineering Tesla Hardware

TL;DR How does the Tesla Model S update its firmware? What did we find when reverse engineering the display and instrument cluster? Here’s the result of a couple of weeks work, working on a real vehicle that mostly worked after we had finished. Part 1: analysing the hardware, complete with a 14...

Microchip Technology BluSDK Smart Denial of Service Vulnerability

Microchip Technology BluSDK Smart is an SDK package developed by Microchip Technology to implement Bluetooth. A security vulnerability exists in the Bluetooth Low Energy implementation in Microchip Technology BluSDK Smart 6.2 and prior versions for ATSAMB11, which arises from the program's failur...

CVE-2019-19195

The Bluetooth Low Energy implementation on Microchip Technology BluSDK Smart through 6.2 for ATSAMB11 devices does not properly restrict link-layer data length on reception, allowing attackers in radio range to cause a denial of service crash via a crafted packet...

CVE-2019-17517

The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 5.0.4 for DA14580/1/2/3 devices does not properly restrict the L2CAP payload length, allowing attackers in radio range to cause a buffer overflow via a crafted Link Layer packet...

CVE-2019-17518

The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 1.0.14.1081 for DA1468x devices responds to link layer packets with a payload length larger than expected, allowing attackers in radio range to cause a buffer overflow via a crafted packet. This affects, for example, Augu...

CVE-2019-17517

The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 5.0.4 for DA14580/1/2/3 devices does not properly restrict the L2CAP payload length, allowing attackers in radio range to cause a buffer overflow via a crafted Link Layer packet...

CVE-2019-17061

The Bluetooth Low Energy BLE stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID LLID equal to zero. This allows attackers within radio range to cause...

CVE-2019-17061

The Bluetooth Low Energy BLE stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID LLID equal to zero. This allows attackers within radio range to cause...

CVE-2019-17060

The Bluetooth Low Energy BLE stack implementation on the NXP KW41Z based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and earlier does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID LLID equal to...

Buffer overflow

The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 5.0.4 for DA14580/1/2/3 devices does not properly restrict the L2CAP payload length, allowing attackers in radio range to cause a buffer overflow via a crafted Link Layer packet...

CVE-2019-17517

The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 5.0.4 for DA14580/1/2/3 devices does not properly restrict the L2CAP payload length, allowing attackers in radio range to cause a buffer overflow via a crafted Link Layer packet...

CVE-2019-17060

The CVE-2019-17060 entry affects the NXP KW41Z BLE stack (MCUXpresso SDK Bluetooth Low Energy Driver 2.2.1 and earlier). The vulnerability arises because the Link Layer header is not properly restricted when LLID = 0, causing the device to execute certain memory contents upon frame reception. Con...

PT-2020-9864 · Nxp · Nxp Kw41Z

Name of the Vulnerable Software and Affected Versions: NXP KW41Z versions 2.2.1 and earlier Description: The Bluetooth Low Energy BLE stack implementation does not properly restrict the BLE Link Layer header, allowing attackers within radio range to cause issues by sending a crafted BLE Link Laye...

[SECURITY] Fedora 31 Update: libuv-1.34.2-1.fc31

libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all plat form differences in this library...

[SECURITY] Fedora 31 Update: mingw-SDL2-2.0.10-1.fc31

Simple DirectMedia Layer SDL is a cross-platform multimedia library designed to provide fast access to the graphics frame buffer and audio device...

undertow: possible Denial Of Service (DOS) in Undertow HTTP server listening on HTTPS

A vulnerability was found in the Undertow HTTP server listening on HTTPS. An attacker can target the HTTPS port to carry out a Denial Of Service DOS to make the service unavailable on SSL...

Vulnerabilities fixed in Cisco products

Vulnerabilities have been fixed in Cisco products. The vulnerabilities are all in the Cisco Discovery Protocol CDP. The vulnerabilities allow an unauthenticated malicious person using a rogue CDP packet to establish a Denial-of-Service and potentially execute arbitrary code execution. Because CDP...