12 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-9797
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In BlueZ 5.42, a buffer over-read was observed in l2cap_dump function in tools/parser/l2cap.c source file. This issue can be triggered by processing a corrupted...
RHEL 5 : bluez (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bluez: Buffer overflow in parse_line function (CVE-2016-7837) - In BlueZ 5.42, a buffer over-read was observ...
RHEL 6 : bluez (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bluez: Buffer overflow in parse_line function (CVE-2016-7837) - In BlueZ 5.42, a buffer over-read was observ...
RHEL 7 : bluez (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bluez: heap-based buffer overflow via crafted request (CVE-2019-8922) - Buffer overflow in BlueZ 5.41 and...
RHEL 5 : bluez (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bluez: double free in gatttool client disconnect callback handler in src/shared/att.c could lead to DoS o...
RHEL 7 : bluez (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bluez: double free in gatttool client disconnect callback handler in src/shared/att.c could lead to DoS o...
SUSE CVE-2016-9797
In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash...
SUSE SLED15 / SLES15 Security Update : bluez (SUSE-SU-2019:1353-2)
This update for bluez fixes the following issues: Security issues fixed: CVE-2016-9797: Fixed a buffer over-read in l2cap_dump (bsc#1013708). CVE-2016-9798: Fixed a use-after-free in conf_opt (bsc#1013712). CVE-2016-9917: Fixed a heap-based buffer overflow in read_n (bsc#1015171). CVE-2016-9802: Fixed a...
openSUSE: Security Advisory for bluez (openSUSE-SU-2019:1476-1)
The remote host is missing an update for the...
Security update for bluez (moderate)
openSUSE Security Update: Security update for bluez; Announcement ID: openSUSE-SU-2019:1476-1; Rating: moderate; References: 1013708 1013712 1013893 1015171; Cross-References: CVE-2016-9797 CVE-2016-9798 CVE-2016-9802 CVE-2016-9917; Affected Products: openSUSE Leap 15.1, openSUSE Leap 15.0. An update th...
SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2019:1339-1)
This update for bluez fixes the following issues: Security vulnerability addressed: CVE-2016-9797: Fixed a buffer over-read in l2cap_dump (bsc#1013708). CVE-2016-9798: Fixed a use-after-free in conf_opt (bsc#1013712). CVE-2016-9917: Fixed a heap-based buffer overflow in read_n (bsc#1015171). CVE-2016-9802:...
CVE-2016-9797
CVE-2016-9797 is a buffer over-read in BlueZ 5.42, specifically in the l2cap_dump function (tools/parser/l2cap.c). It can be triggered by processing a corrupted dump file and leads to a hcidump crash. Affected product: BlueZ. Root cause: boundary condition flaw allowing over-read. In the provided...