PT-2021-4308 · Zhuhai Jieli · Ac690X

Published

2021-09-07

Updated

2021-09-15

CVE-2021-31612

CVSS v2.0

6.1

Medium

Vector

AV:A/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Zhuhai Jieli AC690X devices (affected versions not specified)

Description The Bluetooth Classic implementation does not properly handle the reception of an oversized LMP packet greater than 17 bytes during the LMP auto rate procedure. This allows attackers in radio range to trigger a deadlock via a crafted LMP packet. The issue exists due to insufficient input validation in the Bluetooth Classic implementation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2021-04917

CVE-2021-31612

Affected Products

Ac690X

PT-2021-4308 · Zhuhai Jieli · Ac690X

CVE-2021-31612

Weakness Enumeration

Related Identifiers

Affected Products

References · 6