IoT, Potential Risk of CVE, Science

CVE-2025-35003: Apache NuttX RTOS Bluetooth Stack (HCI and UART components) 27-5-2025

Leave a comment

Preface: During the Dahe period of Emperor Wenzong of the Tang Dynasty (827-835 AD), there was a scholar named Zheng Renben(鄭仁本), his cousin and his friend Wang Xiucai(王秀才) wandering in Zhongyue Songshan Mountain(中嶽嵩山) and got lost in a deep valley. It was getting dark at this time, and the two were very scared. As they were walking around, they saw someone dressed in white snoring in the grass. They went up to him and asked, “I accidentally entered this path and got lost. Do you know the way to the official road?” The man raised his head, looked, and did not respond and continued to sleep. The two asked the man in white where he came from and called him again and again, so he sat up and said, “Come here.” The man in white introduced: “Do you know that the moon is made of seven treasures? The bright spots on the moon are the result of the sun shining on its convex parts. There are 82,000 people repairing the moon, and I am one of them, one of them…”

Background: The Bluetooth stack in Apache NuttX RTOS is used to enable Bluetooth communication in embedded systems, particularly for devices that require low-power wireless connectivity. This stack typically supports:

  • HCI (Host Controller Interface) over UART or USB
  • Bluetooth Classic and BLE (Bluetooth Low Energy) profiles
  • Device discovery, pairing, and data exchange

It is designed to be modular and lightweight, making it suitable for resource-constrained microcontrollers.

Vulnerability details: Improper Restriction of Operations within the Bounds of a Memory Buffer and Stack-based Buffer Overflow vulnerabilities were discovered in Apache NuttX RTOS Bluetooth Stack (HCI and UART components) that may result in system crash, denial of service, or arbitrary code execution, after receiving maliciously crafted packets.

Remedy: NuttX’s Bluetooth HCI/UART stack users are advised to upgrade to version 12.9.0, which fixes the identified implementation issues. This issue affects Apache NuttX: from 7.25 before 12.9.0.

Official announcement: Please see the link for details – https://www.tenable.com/cve/CVE-2025-35003

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.