Description
SimpleBLE is a cross-platform library and bindings for Bluetooth Low Energy (BLE). Prior to version 0.14.0, there are multiple stack-based buffer overflow vulnerabilities in SimpleBLE. There is a stack overflow vulnerability in the dongl backend’s Protocol::simpleble_write function (local, caller-controlled input). A stack overflow vulnerability when processing manufacturer-specific data in BLE advertisements (remote, no pairing or connection required). Lastly, a stack overflow vulnerability when processing service data in BLE advertisements (remote, no pairing or connection required). This issue has been patched in version 0.14.0.
CVSS breakdown
CVSS 4.0
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
Confidentiality (Vulnerable System)
None
Integrity (Vulnerable System)
None
Availability (Vulnerable System)
High
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
None
Affected products
- simpleble / simpleble< 0.14.0 – < 0.14.0
References
- VENDOR_ADVISORYhttps://github.com/simpleble/simpleble/security/advisories/GHSA-8h89-q8m2-c8fp
- PATCHhttps://github.com/simpleble/simpleble/pull/466
- PATCHhttps://github.com/simpleble/simpleble/commit/1501d59d76a4280268372afb1b157bf6caeacba6
- PATCHhttps://github.com/simpleble/simpleble/releases/tag/v0.14.0