CVE-2021-34149

Sažetak

The Bluetooth Classic implementation on the Texas Instruments CC256XCQFN-EM does not properly handle the reception of continuous LMP_AU_Rand packets, allowing attackers in radio range to trigger a denial of service (deadlock) of the device by flooding it with LMP_AU_Rand packets after the paging procedure.

Reference

https://dl.packetstormsecurity.net/papers/general/braktooth.pdf
https://www.ti.com/product/CC2564C
https://www.ti.com/tool/CC256XC-BT-SP#primary-sw

CVSS

Base:	3.3
Impact:	2.9
Exploitability:	6.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:A/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

09-09-2021 - 23:23

Objavljeno

07-09-2021 - 07:15