CVE-2020-12351

🗓️ 14 Oct 2020 21:01:35Reported by redhat.comType

A flaw in Linux kernel's Bluetooth implementation allows adjacent remote attacker to crash the system or execute arbitrary code by sending a crafted L2CAP packet

Reporter	Title	Published	Views	Family All 359
0day.today	Linux Kernel 5.4 - (BleedingTooth) Bluetooth Zero-Click Remote Code Execution Exploit	8 Apr 202100:00	–	zdt
GithubExploit	Exploit for Improper Input Validation in Linux Linux_Kernel	1 Mar 202120:44	–	githubexploit
Tenable Nessus	Amazon Linux 2 : kernel (ALAS-2020-1556)	11 Nov 202000:00	–	nessus
Tenable Nessus	Amazon Linux AMI : kernel (ALAS-2020-1446)	18 Nov 202000:00	–	nessus
Tenable Nessus	CentOS 8 : kernel (CESA-2020:4286)	1 Feb 202100:00	–	nessus
Tenable Nessus	CentOS 8 : kernel (CESA-2020:4685)	1 Feb 202100:00	–	nessus
Tenable Nessus	CentOS 7 : kernel (RHSA-2020:4276)	9 Oct 202400:00	–	nessus
Tenable Nessus	CentOS 7 : kernel-alt (RHSA-2020:4279)	9 Oct 202400:00	–	nessus
Tenable Nessus	Debian DLA-2417-1 : linux-4.19 security update	29 Oct 202000:00	–	nessus
Tenable Nessus	Debian DLA-2420-2 : linux regression update	2 Nov 202000:00	–	nessus

Source	Link
cve	www.cve.org/CVERecord
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-12351
github	www.github.com/google/security-research/security/advisories/GHSA-7mh3-gq28-gfrq
github	www.github.com/google/security-research/security/advisories/GHSA-h637-c88j-47wq
lore	www.lore.kernel.org/linux-bluetooth/[email protected]/
lore	www.lore.kernel.org/linux-bluetooth/[email protected]/
intel	www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html
zdnet	www.zdnet.com/article/google-warns-of-severe-bleedingtooth-bluetooth-flaw-in-linux-kernel/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

19 Apr 2024 23:38Current

1.4Low risk

Vulners AI Score1.4

CVSS 25.8

CVSS 3.18.8

EPSS0.02874