Lucene search
Redhat.comRH:CVE-2023-27349HistoryMay 03, 2024 - 11:22 a.m.
CVE-2023-27349
2024-05-0311:22:11
redhat.com
access.redhat.com
19
cve-2023-27349
bluez audio profile
avrcp
array indices
validation
data validation
buffer overflow
network-adjacent attacker
code execution
root context
bluetooth
A vulnerability was found in the BlueZ Audio Profile AVRCP, stemming from the improper validation of array indices. This flaw resides in the AVRCP protocol handling and arises due to inadequate validation of user-supplied data. Consequently, it may lead to writing beyond the bounds of an allocated buffer. This flaw possibly allows a network-adjacent attacker to execute code within the root context via Bluetooth.
Related
zdi
zdi
debian
debian
[SECURITY] [DLA 3820-1] bluez security update
2024-05-25 16:21:50
nessus
nessus
SUSE SLES15 Security Update : bluez (SUSE-SU-2023:2533-1)
2023-06-19 00:00:00
SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2023:2562-1)
2023-06-22 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:2613-1)
2024-02-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:2545-1)
2023-06-19 00:00:00
Debian: Security Advisory (DLA-3820-1)
2024-05-27 00:00:00
cvelist
cvelist
debiancve
debiancve
CVE-2023-27349
2024-05-03 02:15:13
osv
osv
bluez - security update
2024-05-25 00:00:00
cve
cve
CVE-2023-27349
2024-05-03 02:15:13
photon
photon
Moderate Photon OS Security Update - PHSA-2023-3.0-0580
2023-05-16 00:00:00
Moderate Photon OS Security Update - PHSA-2023-4.0-0392
2023-05-17 00:00:00
Moderate Photon OS Security Update - PHSA-2023-5.0-0006
2023-05-16 00:00:00