CVE-2021-31612

Sažetak

The Bluetooth Classic implementation on Zhuhai Jieli AC690X devices does not properly handle the reception of an oversized LMP packet greater than 17 bytes during the LMP auto rate procedure, allowing attackers in radio range to trigger a deadlock via a crafted LMP packet.

Reference

https://launchstudio.bluetooth.com/ListingDetails/19746
https://dl.packetstormsecurity.net/papers/general/braktooth.pdf
http://www.zh-jieli.com/product/68-cn.html

CVSS

Base:	6.1
Impact:	6.9
Exploitability:	6.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:A/AC:L/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

15-09-2021 - 00:02

Objavljeno

07-09-2021 - 07:15