OpenSynergy BlueSDK 安全漏洞

OpenSynergy BlueSDK is a Bluetooth stack from OpenSynergy, Germany. A security vulnerability exists in OpenSynergy BlueSDK 6.x and prior versions, which stems from the lack of proper return control flow after an exception condition is detected in the BlueSDK Bluetooth stack, which could lead to...

CVE-2025-35003

Improper Restriction of Operations within the Bounds of a Memory Buffer and Stack-based Buffer Overflow vulnerabilities were discovered in Apache NuttX RTOS Bluetooth Stack HCI and UART components that may result in system crash, denial of service, or arbitrary code execution, after receiving...

BTstack 安全漏洞

BTstack is an open source Bluetooth stack implementation from BlueKitchen. A security vulnerability exists in versions prior to BTstack v.864e2f2b6b7878c8fab3cf5ee84ae566e3380c58, which originates in the src/mesh/pbadv.c component and is prone to a buffer overflow...

DEBIAN-CVE-2022-48844

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix leaking sentcmd skb sentcmd memory is not freed before freeing hcidev causing it to leak it contents...

PT-2024-15406 · Silicon · Bluetooth Stack For Efr32

Name of the Vulnerable Software and Affected Versions: Silicon Labs' Bluetooth stack for EFR32 products affected versions not specified Description: A memory leak in the Bluetooth stack may cause memory to be exhausted when sending notifications to multiple clients, resulting in all Bluetooth...

BlueZ Security Vulnerability

BlueZ is a Bluetooth protocol stack written in C. It is primarily used to provide support for the core Bluetooth layers and protocols. A security vulnerability exists in BlueZ that stems from an out-of-bounds write issue...

BlueZ Security Vulnerability

BlueZ is a Bluetooth protocol stack written in C. It is primarily used to provide support for the core Bluetooth layers and protocols. A security vulnerability exists in BlueZ that stems from an out-of-bounds write issue...

kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c

A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capconnect and l2capleconnectreq functions. An attacker with physical access within the range of standard Bluetooth transmission could...

SUSE CVE-2005-0750

The bluezsockcreate function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via 1 socket or 2 socketpair call with a negative protocol value...

BlueZ 安全漏洞

BlueZ is a Bluetooth protocol stack written in C, which is primarily used to provide support for the core Bluetooth layer and protocol. versions prior to BlueZ 5.59 have an input validation error vulnerability that stems from the failure of the profiles/audio/avrcp.c component to validate...

Texas Instruments Ble Stack 安全漏洞

Texas Instruments Ble Stack is a low-power Bluetooth software stack from Texas Instruments, USA. A security vulnerability exists in Texas Instruments Ble Stack. No information about this vulnerability is available at this time, so please stay tuned to CNNVD or the vendor's announcement...

DEBIAN-CVE-2021-34145

The Bluetooth Classic implementation in the Cypress WICED BT stack through 2.9.0 for CYW20735B1 devices does not properly handle the reception of LMPmaxslot with an invalid Baseband packet type and LTADDRESS and LTADDR after completion of the LMP setup procedure, allowing attackers in radio range...

BrakTooth 输入验证错误漏洞

BrakTooth is a family of 20 vulnerabilities affecting over 1,400 products based on 13 different Bluetooth devices sold by 11 of the world's leading vendors. An input validation error vulnerability exists in the BrakTooth Business Bluetooth Stack BT, which could lead to a DoS and arbitrary code...

Linux kernel information disclosure vulnerability (CNVD-2020-65149)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. The Linux kernel Bluetooth stack implementation handled in a security vulnerability that could be exploited by an attacker to cause a small amount of stack memory to b...

PT-2020-6155 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Red Hat Enterprise Linux affected versions not specified Description: The issue is related to errors in handling certain AMP packets by the Bluetooth stack implementation in the Linux kernel. This can allow a remote attacker to gain...

kernel: net: bluetooth: type confusion while processing AMP packets

A flaw was found in the way the Linux kernel’s Bluetooth implementation handled L2CAP Logical Link Control and Adaptation Protocol packets with A2MP Alternate MAC-PHY Manager Protocol CID Channel Identifier. This flaw allows a remote attacker in an adjacent range to crash the system, causing a...

kernel: stack buffer overflow in the native Bluetooth stack

A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a client. On systems with the stack protection feature enabled in the kernel CONFIGCCSTACKPROTECTOR=y, which is enabled on all architectures other tha...

Windows The Bluetooth Pineapple Man-in-the-Middle Attack Vulnerability

Windows Vista and Windows 10 are both operating systems from the American company Microsoft. A man-in-the-middle attack vulnerability exists in Windows Vista and Windows 10 that resides in the Bluetooth stack, enabling an attacker to create a malicious network interface on a victim's device,...

UBUNTU-CVE-2016-9803

In BlueZ 5.42, an out-of-bounds read was observed in "lemetaevdump" function in "tools/parser/hci.c" source file. This issue exists because 'subevent' which is used to read correct element from 'evlemetastr' array is overflowed...