bluez-firmware is vulnerable to denial of service (DoS) attacks. The library does not properly handle the reception of a malformed LMP timing accuracy response followed by multiple reconnections to the link slave, allowing an attacker to exhaust device BT resources and eventually trigger a crash via multiple attempts of sending a crafted LMP timing accuracy response followed by a sudden reconnection with a random BDAddress
.