CVE-2021-28136

The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of multiple LMP IO Capability Request packets during the pairing process, allowing attackers in radio range to trigger memory corruption and consequently a crash in ESP32 via a replaye...

CVE-2021-31613

The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle the reception of a truncated LMP packet during the LMP auto rate procedure, allowing attackers in radio range to immediately crash and restart a device via a crafted LMP packet...

CVE-2021-31611

The Bluetooth Classic implementation on Zhuhai Jieli AC690X and AC692X devices does not properly handle an out-of-order LMP Setup procedure that is followed by a malformed LMP packet, allowing attackers in radio range to deadlock a device via a crafted LMP packet. The user needs to manually reboo...

CVE-2021-31612

The Bluetooth Classic implementation on Zhuhai Jieli AC690X devices does not properly handle the reception of an oversized LMP packet greater than 17 bytes during the LMP auto rate procedure, allowing attackers in radio range to trigger a deadlock via a crafted LMP packet...

EUVD-2019-5349

Malware in sbrugna...

EUVD-2021-20810

Malware in sbrugna...

EUVD-2021-21737

Malware in sbrugna...

EUVD-2021-14835

Malware in sbrugna...

EUVD-2021-20806

Malware in sbrugna...

EUVD-2021-18502

Malware in sbrugna...

EUVD-2021-18501

Malware in sbrugna...

EUVD-2021-20807

Malware in sbrugna...

EUVD-2021-18500

Malware in sbrugna...

CVE-2021-34144

The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C BT SDK through 0.9.1 does not properly handle the reception of truncated LMPSCOLinkRequest packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections disabling the AB5301A inqui...

CVE-2021-31609

The Bluetooth Classic implementation in Silicon Labs iWRAP 6.3.0 and earlier does not properly handle the reception of an oversized LMP packet greater than 17 bytes, allowing attackers in radio range to trigger a crash in WT32i via a crafted LMP packet...

CVE-2019-14095

Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrag...

CVE-2021-35093

Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore...

Memory corruption

Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore...

CVE-2021-35093

Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore...

CVE-2021-31612

The Bluetooth Classic implementation on Zhuhai Jieli AC690X devices does not properly handle the reception of an oversized LMP packet greater than 17 bytes during the LMP auto rate procedure, allowing attackers in radio range to trigger a deadlock via a crafted LMP packet...