CVE-2021-31609

Name of the Vulnerable Software and Affected Versions Silicon Labs iWRAP versions 6.3.0 and earlier

Description The Bluetooth Classic implementation does not properly handle the reception of an oversized LMP packet greater than 17 bytes, allowing attackers in radio range to trigger a crash in WT32i via a crafted LMP packet.

Recommendations For versions 6.3.0 and earlier, consider disabling the Bluetooth Classic implementation until a patch is available to prevent the reception of oversized LMP packets. At the moment, there is no information about a newer version that contains a fix for this vulnerability.