CVE-2024-7139

Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow. This buffer overflow triggers an assert, which results in a temporary denial of service. If a watchdog timer is not enabled, a hard reset is required to recover the device.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://community.silabs.com/068Vm00000I5mjD

Configurations

No configuration.

History

28 May 2025, 14:15

Type	Values Removed	Values Added
Summary		(es) Debido a una longitud de búfer no controlada, un paquete L2CAP especialmente manipulado puede provocar un desbordamiento de búfer. Este desbordamiento de búfer activa una aserción, lo que da como resultado una denegación temporal del servicio. Si no se habilita un temporizador de vigilancia, se requiere un reinicio completo para recuperar el dispositivo.
References	~~{'url': 'https://community.silabs.com/068Vm00000F9zre', 'source': 'product-security@silabs.com'}~~	() https://community.silabs.com/068Vm00000I5mjD -

19 Dec 2024, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-12-19 20:15

Updated : 2025-05-28 14:15

NVD link : CVE-2024-7139

Mitre link : CVE-2024-7139

CVE.ORG link : CVE-2024-7139

JSON object : View

Products Affected

No product.

CWE

CWE-617

Reachable Assertion

CWE-787

Out-of-bounds Write

6.5 /10