The Bluetooth Classic implementation in Espressif ESP-IDF 4.4 and earlier does not properly handle the reception of continuous unsolicited LMP responses, allowing attackers in radio range to trigger a denial of service (crash) in ESP32 by flooding the target device with LMP Feature Response data.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-03T21:33:17.612Z

Reserved: 2021-03-11T00:00:00

Link: CVE-2021-28135

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-09-07T06:15:07.230

Modified: 2024-11-21T05:59:09.477

Link: CVE-2021-28135

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.