The Bluetooth Low Energy (BLE) stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame.
References
Link | Resource |
---|---|
https://asset-group.github.io/disclosures/sweyntooth/ | Third Party Advisory |
https://community.cypress.com/thread/53680 | Vendor Advisory |
https://www.cypress.com/products/ble-bluetooth | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-02-10T20:17:23
Updated: 2020-04-13T15:43:42
Reserved: 2019-10-01T00:00:00
Link: CVE-2019-17061
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-02-10T21:51:09.373
Modified: 2022-01-01T19:58:06.507
Link: CVE-2019-17061
JSON object: View
Redhat Information
No data.
CWE