CVE-2024-7139

Summary

Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow. This buffer overflow triggers an assert, which results in a temporary denial of service. 

If a watchdog timer is not enabled, a hard reset is required to recover the device.

Affected Software

VendorProductVersion RangeStatus
silabs.comRS9116 Bluetooth SDK0 <= 2.10.4affected

Weaknesses

  • CWE-787: CWE-787 Out-of-bounds Write
  • CWE-617: CWE-617 Reachable Assertion

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References