78 matches found
CVE-2025-47318 Buffer Over-read in BT Controller
Transient DOS while parsing the EPTM test control message to get the test pattern...
CVE-2025-47317 Buffer Over-read in BT Controller
Memory corruption due to global buffer overflow when a test command uses an invalid payload type...
CVE-2025-47317 Buffer Over-read in BT Controller
Memory corruption due to global buffer overflow when a test command uses an invalid payload type...
CVE-2025-47317
CVE-2025-47317 is described in the provided sources as memory corruption due to a global buffer overflow when a test command uses an invalid payload type. Connected documents identify Qualcomm-related components and reference a Qualcomm security bulletin; the exact affected product/version detail...
CVE-2022-50374
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc,serdev: check percpuinitrwsem failure syzbot is reporting NULL pointer dereference at hciuartttyclose 1, for rcusyncenter is called without rcusyncinit due to hciuartttyopen ignoring percpuinitrwsem failure...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible crash of the nintendo bluetooth controller during hang recovery, which could lead to a kernel pan...
Linux Distros Unpatched Vulnerability : CVE-2021-32399
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/bluetooth/hcirequest.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. CVE-2021-32399 Note that Nessus relies on...
CVE-2024-51569
Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is...
CVE-2023-28587
Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level...
CVE-2023-2234
Union variant confusion allows any malicious BT controller to execute arbitrary code on the Zephyr host...
CVE-2021-35093
Possible memory corruption in BT controller when it receives an oversized LMP packet over 2-DH1 link and leads to denial of service in BlueCore...
The vulnerability of the BT Controller component of Qualcomm’s embedded software allows a hacker to gain unauthorized access to protected information.
The vulnerability of the BT Controller component in the microprogramming software of Qualcomm’s integrated chips is related to data encryption errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
CVE-2021-35129
Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking...
Vulnerability of Bluetooth/HCI components in Linux operating systems, allowing attackers to cause service failures
The vulnerability of the mm component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2024-51569
Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is...
CVE-2024-51569
Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is...
CVE-2024-47249
Improper Validation of Array Index vulnerability in Apache NimBLE. Lack of input validation for HCI events from controller could result in out-of-bound memory corruption and crash. This issue requires broken or bogus Bluetooth controller and thus severity is considered low. This issue affects...
CVE-2024-47250
Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI advertising report could lead to out-of-bound access when parsing HCI event and thus bogus GAP 'device found' events being sent. This issue requires broken or bogus Bluetooth controller and thus severity is...
CVE-2024-51569 Apache NimBLE: Lack of input sanitization leading to out-of-bound reads in Number of Completed Packets HCI event handler
Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is...
CVE-2024-51569
CVE-2024-51569 affects Apache NimBLE (through 1.7.0). The root cause is missing validation of HCI Number Of Completed Packets, leading to an out-of-bounds read while parsing HCI events and reading from HCI transport memory. The issue requires a broken/bogus Bluetooth controller to trigger the fau...