CVE-2024-7138

An assert may be triggered, causing a temporary denial of service when a peer device sends a specially crafted malformed L2CAP packet. If a watchdog timer is not enabled, a hard reset is required to recover the device.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://community.silabs.com/068Vm00000I5mjD

Configurations

No configuration.

History

28 May 2025, 14:15

Type	Values Removed	Values Added
References	~~{'url': 'https://community.silabs.com/068Vm00000F9zre', 'source': 'product-security@silabs.com'}~~	() https://community.silabs.com/068Vm00000I5mjD -
Summary		(es) Se puede activar una aserción que provoque una denegación temporal del servicio cuando un dispositivo de pares envía un paquete L2CAP mal formado especialmente manipulado. Si no se habilita un temporizador de vigilancia, se requiere un reinicio completo para recuperar el dispositivo.

19 Dec 2024, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-12-19 20:15

Updated : 2025-05-28 14:15

NVD link : CVE-2024-7138

Mitre link : CVE-2024-7138

CVE.ORG link : CVE-2024-7138

JSON object : View

Products Affected

No product.

CWE

CWE-617

Reachable Assertion

{"id": "CVE-2024-7138", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "product-security@silabs.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2024-12-19T20:15:07.947", "references": [{"url": "https://community.silabs.com/068Vm00000I5mjD", "source": "product-security@silabs.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "product-security@silabs.com", "description": [{"lang": "en", "value": "CWE-617"}]}], "descriptions": [{"lang": "en", "value": "An assert may be triggered, causing a temporary denial of service when a peer device sends a specially crafted malformed L2CAP packet. If a watchdog timer is not enabled, a hard reset is required to recover the device."}, {"lang": "es", "value": "Se puede activar una aserci\u00f3n que provoque una denegaci\u00f3n temporal del servicio cuando un dispositivo de pares env\u00eda un paquete L2CAP mal formado especialmente manipulado. Si no se habilita un temporizador de vigilancia, se requiere un reinicio completo para recuperar el dispositivo."}], "lastModified": "2025-05-28T14:15:32.080", "sourceIdentifier": "product-security@silabs.com"}

6.5 /10