CVEs-PoC/2021/CVE-2021-34147.md at dc6e2cf7158eeb24cfecb4d64f4f1da9a8a732e2

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 06:55:56 +02:00

Files

T

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

Description

The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 does not properly handle the reception of a malformed LMP timing accuracy response followed by multiple reconnections to the link slave, allowing attackers to exhaust device BT resources and eventually trigger a crash via multiple attempts of sending a crafted LMP timing accuracy response followed by a sudden reconnection with a random BDAddress.

POC

Reference

https://dl.packetstormsecurity.net/papers/general/braktooth.pdf

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/JeffroMF/awesome-bluetooth-security321
https://github.com/engn33r/awesome-bluetooth-security

1.0 KiB Raw Blame History

CVE-2021-34147

Description

POC

Reference

Github

1.0 KiB

Raw Blame History