Denial of Service in Bluetooth Classic on Actions ATS2815 and ATS2819 Chipsets
CVE-2021-31785

6.5MEDIUM

Key Information:

Vendor

Actions-semi

Status
Ats2819p Firmware
Vendor
CVE Published:
7 September 2021

What is CVE-2021-31785?

The Bluetooth Classic implementation on Actions ATS2815 and ATS2819 chipsets has a vulnerability that fails to properly process multiple LMP_host_connection_req packets. This oversight can be exploited by attackers within radio range, enabling them to send specially crafted LMP packets that may lead to a denial of service condition, causing the device to enter a deadlock state. To restore normal Bluetooth functionality, users must manually restart the device.

References

https://www.actions-semi.com/index.php?id=3581&siteId=4
x_refsource_MISC
https://launchstudio.bluetooth.com/ListingDetails/76427
x_refsource_MISC
https://dl.packetstormsecurity.net/papers/general/braktoo...
x_refsource_MISC

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.