PT-2019-10060 · Opensynergy · Opensynergy Blue Sdk

Published: 2019-03-29 · Updated: 2019-04-01 · CVE-2018-20378

CVSS v3.1: 7.5 (High)

Vector: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: OpenSynergy Blue SDK versions 3.2 through 6.0
Description: The issue allows remote, unauthenticated attackers to execute arbitrary code or cause a denial of service via malicious L2CAP configuration requests, in conjunction with crafted SDP communication over maliciously configured L2CAP channels. The attacker must have connectivity over the Bluetooth physical layer and be able to send raw L2CAP frames. This is related to L2Cap_HandleConfigReq in core/stack/l2cap/l2cap_sm.c and SdpServHandleServiceSearchAttribReq in core/stack/sdp/sdpserv.c.
Recommendations: For OpenSynergy Blue SDK versions 3.2 through 6.0, consider disabling the L2Cap_HandleConfigReq function and restricting access to the SdpServHandleServiceSearchAttribReq function until a patch is available. Additionally, restrict the ability to send raw L2CAP frames and limit connectivity over the Bluetooth physical layer to trusted devices.

Exploit

Fix

RCE


Weakness Enumeration

Related Identifiers

CVE-2018-20378

Affected Products

Opensynergy Blue Sdk