28 matches found
EUVD-2021-20806
Malware in sbrugna...
EUVD-2021-20810
Malware in sbrugna...
EUVD-2021-18501
Malware in sbrugna...
CVE-2021-34144
The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C BT SDK through 0.9.1 does not properly handle the reception of truncated LMPSCOLinkRequest packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections disabling the AB5301A inqui...
CVE-2019-14095
Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrag...
Memory corruption
Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore...
CVE-2021-31611
The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle an out-of-order LMP Setup procedure that is followed by a malformed LMP packet, allowing attackers in radio range to deadlock a device via a crafted LMP packet. The user needs to manually reboo...
CVE-2021-31612
The Bluetooth Classic implementation on Zhuhai Jieli AC690X devices does not properly handle the reception of an oversized LMP packet greater than 17 bytes during the LMP auto rate procedure, allowing attackers in radio range to trigger a deadlock via a crafted LMP packet...
CVE-2021-34148
The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 devices does not properly handle the reception of LMPmaxslot with a greater ACL Length after completion of the LMP setup procedure, allowing attackers in radio range to trigger a denial of service...
CVE-2021-31609
The Bluetooth Classic implementation in Silicon Labs iWRAP 6.3.0 and earlier does not properly handle the reception of an oversized LMP packet greater than 17 bytes, allowing attackers in radio range to trigger a crash in WT32i via a crafted LMP packet...
CVE-2021-31609
The Bluetooth Classic implementation in Silicon Labs iWRAP 6.3.0 and earlier does not properly handle the reception of an oversized LMP packet greater than 17 bytes, allowing attackers in radio range to trigger a crash in WT32i via a crafted LMP packet...
Design/Logic Flaw
The Bluetooth Classic implementation in Silicon Labs iWRAP 6.3.0 and earlier does not properly handle the reception of an oversized LMP packet greater than 17 bytes, allowing attackers in radio range to trigger a crash in WT32i via a crafted LMP packet...
Information disclosure
The Bluetooth Classic implementation on Zhuhai Jieli AC690X devices does not properly handle the reception of an oversized LMP packet greater than 17 bytes during the LMP auto rate procedure, allowing attackers in radio range to trigger a deadlock via a crafted LMP packet...
UBUNTU-CVE-2021-34145
The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 devices does not properly handle the reception of LMPmaxslot with an invalid Baseband packet type and LTADDRESS and LTADDR after completion of the LMP setup procedure, allowing attackers in radio range...
CVE-2021-31609
The CVE-2021-31609 issue affects Silicon Labs iWRAP (Bluegiga WT32i module) up to version 6.3.0 and earlier. The vulnerability arises in the Bluetooth Classic LMP handling when receiving an oversized LMP packet (>17 bytes), which can cause a crash in WT32i when a crafted LMP packet is processe...
CVE-2021-31609
The Bluetooth Classic implementation in Silicon Labs iWRAP 6.3.0 and earlier does not properly handle the reception of an oversized LMP packet greater than 17 bytes, allowing attackers in radio range to trigger a crash in WT32i via a crafted LMP packet...
CVE-2021-34150
The Bluetooth Classic implementation on Bluetrum AB5301A devices with unknown firmware versions does not properly handle the reception of oversized DM1 LMP packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections disabling the AB5301A inqui...
CVE-2021-31613
The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle the reception of a truncated LMP packet during the LMP auto rate procedure, allowing attackers in radio range to immediately crash and restart a device via a crafted LMP packet...
Memory corruption
The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption and consequently a crash in ESP32 via a replaye...
Information disclosure
The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle the reception of a truncated LMP packet during the LMP auto rate procedure, allowing attackers in radio range to immediately crash and restart a device via a crafted LMP packet...