Also worth noting is the section where they point out the gaps in Bluetooth specifications regarding error handling, failures of vendors to adhere to the existing specs, and terrible state of Bluetooth certification which allowed these stacks to pass muster. Read it and weep.
12 vulnerabilities were found across different BLE software development kits (SDKs) of six major system-on-a-chip (SoC) vendors. The vulnerabilities expose flaws in specific BLE SoC implementations that allow an attacker in radio range to trigger deadlocks, crashes and buffer overflow or completely bypass security depending on the circumstances.
