Blueborne Vulnerability

davehutchy gravatar image

asked 2017-09-14 06:03:56 +0100

We require a formal response from Nordic about the state of the Nordic Softdevice with regards to the Blueborne Vulnerability.

The "answer" to the other post is not satisfactory as Nordic Employee Sigurd appears to have based his answer on if Nordic was specifically mentioned and not if the Softdevice has been positively verified as not being vulnerable.

edit retag flag offensive close delete report spam


Why you open new thread then? Old one is still alive, no definitive answer provided nor accepted, question not closed...

endnode ( 2017-09-14 10:25:48 +0100 )editconvert to answer

1 answer

Sort by » oldest newest most voted
sigurdon gravatar image

answered 2017-09-14 10:42:44 +0100

updated 2017-09-14 13:12:22 +0100

Armis Labs has found 8 vulnerabilities, collectively affecting Windows, iOS, and Linux-kernel-based operating systems. 4 of them is found in Android, 2 in Linux, 1 in Windows and 1 in Apple. The Bluetooth stack Nordic uses, the SoftDevice, is a separate stack and is not affected. The vulnerabilities found by Armis Labs, is not found in the SoftDevice.

Also see Nordic Employee Håkon's answer in this post.


There has been no mention of finding firmware issues with the LE peer device in their report, and the list of vulnerabilities are directly related to classic bluetooth.

edit flag offensive delete publish link more


Hello. Arms labs report say that these vulnerabilities are buffer region error. "The vulnerabilities found by Armis Labs, is not found in the SoftDevice" mean that does the implementation of SoftDevice check buffer size by buffer access every time?


seki ( 2017-10-18 09:32:34 +0100 )editconvert to answer

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer. Do not ask a new question or reply to an answer here.

[hide preview]

User menu

    or sign up

Recent questions

Question Tools



Asked: 2017-09-14 06:03:56 +0100

Seen: 502 times

Last updated: sep. 14 '17