25 matches found
CVE-2026-28528
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Browsing Target GETFOLDERITEMS handler that fails to validate packet boundaries and attribute count data. An attacker with a paired Bluetooth Classic connection can exploit insufficient bounds...
CVE-2026-28528 BlueKitchen BTstack < 1.8.1 AVRCP Browsing Target GET_FOLDER_ITEMS Handler OOB Read / Undefined Behavior
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Browsing Target GETFOLDERITEMS handler that fails to validate packet boundaries and attribute count data. An attacker with a paired Bluetooth Classic connection can exploit insufficient bounds...
CVE-2026-28527
BlueKitchen BTstack is affected for versions prior to 1.8.1. The vuln is an out-of-bounds read in the AVRCP Controller GET_PLAYER_APPLICATION_SETTING_ATTRIBUTE_TEXT and GET_PLAYER_APPLICATION_SETTING_VALUE_TEXT handlers. An attacker with a paired Bluetooth Classic connection can send crafted VEND...
CVE-2026-28527 BlueKitchen BTstack < 1.8.1 AVRCP Controller GET_PLAYER_APPLICATION_SETTING_*_TEXT Handlers OOB Read
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller GETPLAYERAPPLICATIONSETTINGATTRIBUTETEXT and GETPLAYERAPPLICATIONSETTINGVALUETEXT handlers that allows nearby attackers to read beyond packet boundaries. Attackers can establish a paire...
CVE-2026-28527
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller GETPLAYERAPPLICATIONSETTINGATTRIBUTETEXT and GETPLAYERAPPLICATIONSETTINGVALUETEXT handlers that allows nearby attackers to read beyond packet boundaries. Attackers can establish a paire...
CVE-2026-28527 BlueKitchen BTstack < 1.8.1 AVRCP Controller GET_PLAYER_APPLICATION_SETTING_*_TEXT Handlers OOB Read
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller GETPLAYERAPPLICATIONSETTINGATTRIBUTETEXT and GETPLAYERAPPLICATIONSETTINGVALUETEXT handlers that allows nearby attackers to read beyond packet boundaries. Attackers can establish a paire...
CVE-2026-28526
CVE-2026-28526 affects BlueKitchen BTstack versions prior to 1.8.1. The AVRCP Controller LIST_PLAYER_APPLICATION_SETTING_ATTRIBUTES and LIST_PLAYER_APPLICATION_SETTING_VALUES handlers have an out-of-bounds read that can be triggered by a nearby attacker with a paired Bluetooth Classic connection....
CVE-2026-28526
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller LISTPLAYERAPPLICATIONSETTINGATTRIBUTES and LISTPLAYERAPPLICATIONSETTINGVALUES handlers that allows attackers to read beyond buffer boundaries. A nearby attacker with a paired Bluetooth...
CVE-2026-28526 BlueKitchen BTstack < 1.8.1 AVRCP Controller LIST_PLAYER_APPLICATION_SETTING_* Handlers OOB Read
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller LISTPLAYERAPPLICATIONSETTINGATTRIBUTES and LISTPLAYERAPPLICATIONSETTINGVALUES handlers that allows attackers to read beyond buffer boundaries. A nearby attacker with a paired Bluetooth...
BTstack 安全漏洞
BTstack is an open-source Bluetooth stack developed by BlueKitchen. Versions of BTstack prior to 1.8.1 contained security vulnerabilities. These vulnerabilities stemmed from out-of-bounds read accesses by the AVRCP controller processing program, which could lead to information leaks and system...
PT-2026-29025
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Controller LIST PLAYER APPLICATION SETTING ATTRIBUTES and LIST PLAYER APPLICATION SETTING VALUES handlers that allows attackers to read beyond buffer boundaries. A nearby attacker with a paired...
PT-2026-29027
BlueKitchen BTstack versions prior to 1.8.1 contain an out-of-bounds read vulnerability in the AVRCP Browsing Target GET FOLDER ITEMS handler that fails to validate packet boundaries and attribute count data. An attacker with a paired Bluetooth Classic connection can exploit insufficient bounds...
EUVD-2023-52934
Malicious code in bioql PyPI...
CVE-2024-40568
Buffer Overflow vulnerability in btstack mesh commit before v.864e2f2b6b7878c8fab3cf5ee84ae566e3380c58 allows a remote attacker to execute arbitrary code via the pbadvhandletranactioncont function in the src/mesh/pbadv.c component...
CVE-2023-48906
Stack Overflow vulnerability in Btstack 1.6 and earlier allows attackers to cause a denial of service via crafted input to the charfornibble function...
CVE-2024-40568
Buffer Overflow vulnerability in btstack mesh commit before v.864e2f2b6b7878c8fab3cf5ee84ae566e3380c58 allows a remote attacker to execute arbitrary code via the pbadvhandletranactioncont function in the src/mesh/pbadv.c component...
PT-2024-28923 · Unknown · Btstack Mesh
Name of the Vulnerable Software and Affected Versions: btstack mesh versions before v.864e2f2b6b7878c8fab3cf5ee84ae566e3380c58 Description: The issue allows a remote attacker to execute arbitrary code via the pb adv handle tranaction cont function in the src/mesh/pb adv.c component. This is a...
CVE-2024-40568
Buffer Overflow vulnerability in btstack mesh commit before v.864e2f2b6b7878c8fab3cf5ee84ae566e3380c58 allows a remote attacker to execute arbitrary code via the pbadvhandletranactioncont function in the src/mesh/pbadv.c component...
CVE-2024-40568
Buffer Overflow vulnerability in btstack mesh commit before v.864e2f2b6b7878c8fab3cf5ee84ae566e3380c58 allows a remote attacker to execute arbitrary code via the pbadvhandletranactioncont function in the src/mesh/pbadv.c component...
CVE-2024-40568
Summary of CVE-2024-40568 Affected software: btstack mesh (BTstack Mesh component) with versions prior to v.864e2f2b6b7878c8fab3cf5ee84ae566e3380c58. Vulnerability: Buffer Overflow in the function pb_adv_handle_tranaction_cont (src/mesh/pb_adv.c) that allows remote code execution. Impact: Remote ...