Out of bounds write in L2CAP reassembly

Description

Out of bounds write in L2CAP reassembly

Risk Assesment: 8.2

CWE

787

CVE

0022

Attack Surfaces

Controller Implementation (MITRE EMB3D PID-11)

Android

Flouride

Attack Vectors

RCE (MITRE EMB3D TID-310)

DoS (MITRE EMB3D TID-404)

Defenses

Correct size computation before write operations, Correct the continuous packet length in L2CAP reassembly logic