Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DOS: Incorrect handling of the initial HCI ACL_MTU handshake packet leads to crash of bluetooth host layer
Vulnerability Description
Lack of proper validation in HCI Host stack initialization can cause a crash of the bluetooth stack
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H
Vulnerability Type
对异常条件检查或处理不恰当
Vulnerability Title
Zephyr 安全漏洞
Vulnerability Description
Zephyr是Zephyr Project开源的一个可扩展的实时操作系统 (RTOS)。 Zephyr v2.4.0版本存在安全漏洞,该漏洞源于在 hci 主机堆栈初始化期间,无效的 ACL_MTU 数据包没有得到正确处理,攻击者利用该漏洞可以通过蓝牙控制器发送恶意 ACL_MTU 数据包导致 HCI主机层崩溃。
CVSS Information
N/A
Vulnerability Type
N/A