Lucene search
+L

8 matches found

RedHat Linux
RedHat Linux
added 2025/11/17 9:52 a.m.4 views

kernel: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue

A flaw was discovered in the Bluetooth subsystem of the Linux kernel. When processing a HCIEVNUMCOMPPKTS event, the function hciconntxdequeue did not properly hold or release the hdev device lock, which may lead to a use-after-free of the connection structure...

5.8AI score0.00172EPSS
Exploits0References5
OSV
OSV
added 2025/10/15 8:15 a.m.5 views

UBUNTU-CVE-2025-39983

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciconntxdequeue This fixes the following UAF caused by not properly locking hdev when processing HCIEVNUMCOMPPKTS: BUG: KASAN: slab-use-after-free in hciconntxdequeue+0x1be/0x220...

7.7CVSS5.7AI score0.00172EPSS
Exploits0References5
NVD
NVD
added 2024/11/26 12:15 p.m.14 views

CVE-2024-51569

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is...

7.5CVSS0.01155EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/26 11:17 a.m.15 views

CVE-2024-51569 Apache NimBLE: Lack of input sanitization leading to out-of-bound reads in Number of Completed Packets HCI event handler

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is...

7.1AI score0.01155EPSS
Exploits0References2
CVE
CVE
added 2024/11/26 11:17 a.m.80 views

CVE-2024-51569

CVE-2024-51569 affects Apache NimBLE (through 1.7.0). The root cause is missing validation of HCI Number Of Completed Packets, leading to an out-of-bounds read while parsing HCI events and reading from HCI transport memory. The issue requires a broken/bogus Bluetooth controller to trigger the fau...

7.5CVSS6.5AI score0.01155EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/11/26 11:17 a.m.24 views

CVE-2024-51569 Apache NimBLE: Lack of input sanitization leading to out-of-bound reads in Number of Completed Packets HCI event handler

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is...

0.01155EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2024/11/26 11:17 a.m.5 views

CVE-2024-51569

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI Number Of Completed Packets could lead to out-of-bound access when parsing HCI event and invalid read from HCI transport memory. This issue requires broken or bogus Bluetooth controller and thus severity is...

7.5CVSS7.2AI score0.01155EPSS
Exploits0References3
OSV
OSV
added 2020/03/10 9:15 p.m.5 views

CVE-2020-0055

In l2clinkprocessnumcompletedpkts of l2clink.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

5.5CVSS7.3AI score0.00166EPSS
Exploits0References2
Rows per page
Query Builder