EUVD-2021-20807

Malware in sbrugna...

CVE-2021-34145

The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 devices does not properly handle the reception of LMPmaxslot with an invalid Baseband packet type and LTADDRESS and LTADDR after completion of the LMP setup procedure, allowing attackers in radio range...

CVE-2021-34148

The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 devices does not properly handle the reception of LMPmaxslot with a greater ACL Length after completion of the LMP setup procedure, allowing attackers in radio range to trigger a denial of service...

CVE-2021-34147

The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 does not properly handle the reception of a malformed LMP timing accuracy response followed by multiple reconnections to the link slave, allowing attackers to exhaust device BT resources and eventually...

CVE-2021-34147

The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 does not properly handle the reception of a malformed LMP timing accuracy response followed by multiple reconnections to the link slave, allowing attackers to exhaust device BT resources and eventually...

CVE-2021-34147

The CVE-2021-34147 entry concerns the Cypress WICED Bluetooth Classic stack (CYW20735B1) up to version 2.9.0. The fault is in handling a malformed LMP timing accuracy response followed by multiple reconnections to the link slave, which can exhaust the device’s Bluetooth resources and lead to a cr...

CVE-2021-34145

The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 devices does not properly handle the reception of LMPmaxslot with an invalid Baseband packet type and LTADDRESS and LTADDR after completion of the LMP setup procedure, allowing attackers in radio range...