RS9116 Bluetooth SDK

0

SINGLE_NUMBER 3 CVEs

2.10.4

SEMANTIC 3 CVEs

CVE-2024-7139

Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow. This buffer overflow triggers an assert, which results in a temporary denial of service.  If a watchdog timer is not enabled, a hard reset is required to recover the device.

MEDIUM Dec 19, 2024

CVE-2024-7138

An assert may be triggered, causing a temporary denial of service when a peer device sends a specially crafted malformed L2CAP packet. If a watchdog timer is not enabled, a hard reset is required to recover the device.

MEDIUM Dec 19, 2024

CVE-2024-7137

The L2CAP receive data buffer for L2CAP packets is restricted to packet sizes smaller than the maximum supported packet size. Receiving a packet that exceeds the restricted buffer length may cause a crash. A hard reset is required to recover the crashed device.

MEDIUM Dec 19, 2024