CVE-2024-7139

Published: Dec 19, 2024Modified: May 28, 2025

6.5

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: product-security@silabs.com (Secondary)

Description

Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow. This buffer overflow triggers an assert, which results in a temporary denial of service. If a watchdog timer is not enabled, a hard reset is required to recover the device.

Related CWEs

CWE-617

Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (1)

https://community.silabs.com/068Vm00000I5mjD

Source: product-security@silabs.com

Timeline

No history available yet.