CVE-2018-16986

Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow.
References
Link Resource
http://e2e.ti.com/support/wireless-connectivity/bluetooth/f/538/t/742827 Mitigation Vendor Advisory
http://www.securityfocus.com/bid/105812 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1042018 Third Party Advisory VDB Entry
https://armis.com/bleedingbit/ Mitigation Third Party Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181101-ap Third Party Advisory
https://www.kb.cert.org/vuls/id/317277 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:ti:ble-stack:*:*:*:*:*:*:*:*
OR cpe:2.3:h:ti:cc2640:-:*:*:*:*:*:*:*
cpe:2.3:h:ti:cc2650:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:ti:ble-stack:3.0.0:*:*:*:*:*:*:*
cpe:2.3:h:ti:cc2640r2f:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:ti:ble-stack:*:*:*:*:*:*:*:*
cpe:2.3:h:ti:cc1350:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-11-06 15:29

Updated : 2023-12-10 12:44


NVD link : CVE-2018-16986

Mitre link : CVE-2018-16986

CVE.ORG link : CVE-2018-16986


JSON object : View

Products Affected

ti

  • cc2650
  • cc2640r2f
  • cc1350
  • ble-stack
  • cc2640
CWE
CWE-787

Out-of-bounds Write