Bluetooth Classic Vulnerability: Truncated LMP_SCO_Link_Request Packet Denial of Service

Bluetooth Classic Vulnerability: Truncated LMP_SCO_Link_Request Packet Denial of Service

CVE-2021-34144 · MEDIUM Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

The Bluetooth Classic implementation in the Zhuhai Jieli AC6366C BT SDK through 0.9.1 does not properly handle the reception of truncated LMP_SCO_Link_Request packets while no other BT connections are active, allowing attackers in radio range to prevent new BT connections (disabling the AB5301A inquiry and page scan procedures) via a crafted LMP packet. The user needs to manually perform a power cycle (restart) of the device to restore BT connectivity.

Learn more about our User Device Pen Test.