CVE-2024-7138
📋 TL;DR
CVE-2024-7138 is a Bluetooth L2CAP protocol vulnerability that allows a remote attacker to trigger an assertion failure by sending a specially crafted malformed packet, causing a temporary denial of service. Affected devices may require a hard reset if watchdog timers are disabled. This impacts Bluetooth-enabled devices using vulnerable implementations.
💻 Affected Systems
- Silicon Labs Bluetooth devices/software
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Permanent device bricking requiring physical reset or hardware replacement if watchdog timer is disabled and device cannot recover automatically.
Likely Case
Temporary denial of service requiring manual reboot or device reset, disrupting Bluetooth functionality until recovery.
If Mitigated
Automatic recovery via watchdog timer with minimal service interruption.
🎯 Exploit Status
Exploitation requires sending malformed L2CAP packets to target Bluetooth device within range. No authentication needed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Not specified in reference
Vendor Advisory: https://community.silabs.com/068Vm00000I5mjD
Restart Required: Yes
Instructions:
1. Check Silicon Labs advisory for affected products. 2. Apply vendor-provided firmware/software updates. 3. Reboot affected devices after patching.
🔧 Temporary Workarounds
Enable Watchdog Timer
allEnsure watchdog timer is enabled to allow automatic recovery from assertion failures
Device-specific configuration commands (consult vendor documentation)
Disable Unnecessary Bluetooth Services
allReduce attack surface by disabling Bluetooth when not needed
systemctl disable bluetooth (Linux)
Disable Bluetooth in device settings
🧯 If You Can't Patch
- Segment Bluetooth networks to limit potential attack surface
- Implement physical security controls to prevent unauthorized Bluetooth access
🔍 How to Verify
Check if Vulnerable:
Check device firmware version against vendor advisory. Monitor for assertion failures or Bluetooth service crashes.Check Version:
Vendor-specific command (e.g., device info command or firmware version check)Verify Fix Applied:
Verify updated firmware version matches patched version from vendor. Test with legitimate L2CAP traffic.📡 Detection & Monitoring
Log Indicators:
- Bluetooth stack assertion failures
- L2CAP protocol errors
- Watchdog timer resets
- Bluetooth service crashes
Network Indicators:
- Malformed L2CAP packets
- Unusual Bluetooth connection attempts
SIEM Query:
source="bluetooth_logs" AND ("assertion failure" OR "L2CAP error" OR "watchdog reset")