Vulnerability Description
The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z (based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and earlier) does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Nxp | Mcuxpresso Software Development Kit | <= 2.2.1 |
| Nxp | Kw31Z | - |
| Nxp | Kw34 | - |
| Nxp | Kw35 | - |
| Nxp | Kw36 | - |
| Nxp | Kw37 | - |
| Nxp | Kw38 | - |
| Nxp | Kw39 | - |
| Nxp | Kw41Z | - |
Related Weaknesses (CWE)
References
- https://asset-group.github.io/disclosures/sweyntooth/Third Party Advisory
- https://www.nxp.com/products/wireless/bluetooth-low-energy:BLUETOOTH-LOW-ENERGY-Vendor Advisory
- https://asset-group.github.io/disclosures/sweyntooth/Third Party Advisory
- https://www.nxp.com/products/wireless/bluetooth-low-energy:BLUETOOTH-LOW-ENERGY-Vendor Advisory
FAQ
What is CVE-2019-17060?
CVE-2019-17060 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z (based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and earlier) does not properly restrict the BLE Link Layer head...
How severe is CVE-2019-17060?
CVE-2019-17060 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-17060?
Check the references section above for vendor advisories and patch information. Affected products include: Nxp Mcuxpresso Software Development Kit, Nxp Kw31Z, Nxp Kw34, Nxp Kw35, Nxp Kw36.