
296 matches found

OSV
added 2025/02/26 7:0 a.m., 2 views

DEBIAN-CVE-2022-49138

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Ignore multiple conn complete events. When one of the three connection complete events is received multiple times for the same handle, the device is registered multiple times which leads to memory corruptions...

CVSS 5.7 | AI score 5.6 | EPSS 0.00374
Exploits 0 | References 1

OSV
added 2025/02/26 7:0 a.m., 1 view

DEBIAN-CVE-2022-49111

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use after free in hci_send_acl. This fixes the following trace caused by receiving HCI_EV_DISCONN_PHY_LINK_COMPLETE which does call hci_conn_del without first checking if conn->type is in fact AMP_LINK and in case it is do...

CVSS 7.8 | AI score 5.5 | EPSS 0.00243
Exploits 0 | References 1

OSV
added 2025/02/26 7:0 a.m., 1 view

UBUNTU-CVE-2022-49136

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix queuing commands when HCI_UNREGISTER is set. hci_cmd_sync_queue shall return an error if HCI_UNREGISTER flag has been set as that means hci_unregister_dev has been called so it will likely cause a uaf after the...

CVSS 7.8 | AI score 6.2 | EPSS 0.00235
Exploits 0 | References 5

BDU FSTEC
added 2025/02/03 12:0 a.m., 4 views

Vulnerability of Bluetooth/HCI components in Linux operating systems, allowing attackers to cause service failures

The vulnerability of the mm component in the Linux operating system’s kernel is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 7.1 | AI score 6.7 | EPSS 0.00226
Exploits 0 | References 7 | Affected Software 4

SUSE CVE
added 2025/01/12 12:19 a.m., 1 view

SUSE CVE-2024-45828

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Mask ring interrupts before ring stop request. Bus cleanup path in DMA mode may trigger a RING_OP_STAT interrupt when the ring is being stopped. Depending on timing between ring stop request completion, interrupt...

CVSS 4.7 | AI score 7.8 | EPSS 0.00252
Exploits 0 | References 13

OSV
added 2025/01/06 5:15 p.m., 2 views

AZL-55091 CVE-2024-56757 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect. MediaTek claim an special usb intr interface for ISO data transmission. The interface need to be released before unregistering hci device when usb disconnect...

CVSS 5.5 | AI score 5.6 | EPSS 0.00213
Exploits 0 | References 1

OSV
added 2025/01/06 5:15 p.m., 1 view

UBUNTU-CVE-2024-56757

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect. MediaTek claim an special usb intr interface for ISO data transmission. The interface need to be released before unregistering hci device when usb disconnect...

CVSS 5.5 | AI score 6.2 | EPSS 0.00213
Exploits 0 | References 10

Vulnrichment
added 2025/01/06 4:20 p.m., 2 views

CVE-2024-56757 Bluetooth: btusb: mediatek: add intf release flow when usb disconnect

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: add intf release flow when usb disconnect. MediaTek claim an special usb intr interface for ISO data transmission. The interface need to be released before unregistering hci device when usb disconnect...

AI score 7.6 | EPSS 0.00213
Exploits 0 | References 2

AlpineLinux
added 2024/11/26 11:17 a.m., 2 views

CVE-2024-47250

Out-of-bounds Read vulnerability in Apache NimBLE. Missing proper validation of HCI advertising report could lead to out-of-bound access when parsing HCI event and thus bogus GAP 'device found' events being sent. This issue requires broken or bogus Bluetooth controller and thus severity is...

CVSS 5 | AI score 7.3 | EPSS 0.00651
Exploits 0 | References 4

AlpineLinux
added 2024/11/26 11:16 a.m., 4 views

CVE-2024-47249

Improper Validation of Array Index vulnerability in Apache NimBLE. Lack of input validation for HCI events from controller could result in out-of-bound memory corruption and crash. This issue requires broken or bogus Bluetooth controller and thus severity is considered low. This issue affects...

CVSS 5 | AI score 7.5 | EPSS 0.00585
Exploits 0 | References 3

CNNVD
added 2024/11/26 12:0 a.m., 4 views

Apache NimBLE security vulnerability

Apache NimBLE is an open source Bluetooth 5.4 stack host and controller from the Apache Foundation, USA, that completely replaces the proprietary SoftDevice on Nordic chipsets. It is part of the Apache Mynewt project. An out-of-bounds read vulnerability exists in Apache NimBLE, which can be...

CVSS 7.5 | AI score 6.8 | EPSS 0.01132
Exploits 0 | References 2

BDU FSTEC
added 2024/11/26 12:0 a.m., 3 views

The vulnerability of the btusb component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the btusb component in the Linux operating system’s kernel is related to the assignment of the NULL pointer in the btusb_mtk_hci_wmt_sync function. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 5.5 | AI score 6.1 | EPSS 0.00242
Exploits 0 | References 21 | Affected Software 4

CNNVD
added 2024/11/26 12:0 a.m., 3 views

Apache NimBLE security vulnerability

Apache NimBLE is an open source Bluetooth 5.4 stack host and controller from the Apache Foundation, USA, that completely replaces the proprietary SoftDevice on Nordic chipsets. It is part of the Apache Mynewt project. A security vulnerability exists in Apache NimBLE 1.7.0 and prior versions, which...

CVSS 5 | AI score 6.8 | EPSS 0.00585
Exploits 0 | References 2

BDU FSTEC
added 2024/11/21 12:0 a.m., 2 views

The vulnerability of the hci_event component in the Linux operating system’s kernel allows a perpetrator to gain access to confidential information.

The vulnerability of the hci_event component in the Linux operating system’s kernel is related to the disclosure of information within the hci_io_capa_request_evt function. Exploiting this vulnerability can allow an attacker to gain access to confidential information...

CVSS 3.3 | AI score 6.8 | EPSS 0.00244
Exploits 0 | References 45 | Affected Software 6

OSV
added 2024/11/20 9:15 p.m., 2 views

CVE-2024-48986

An issue was discovered in MBed OS 6.16.0. Its hci parsing software dynamically determines the length of certain hci packets by reading a byte from its header. Certain events cause a callback, the logic for which allocates a buffer the length of which is determined by looking up the event type in...

CVSS 7.5 | AI score 6.1 | EPSS 0.00463
Exploits 0 | References 2

OSV
added 2024/11/20 9:15 p.m., 2 views

CVE-2024-48984

An issue was discovered in MBed OS 6.16.0. When parsing hci reports, the hci parsing software dynamically determines the length of a list of reports by reading a byte from an input stream. It then fetches the length of the first report, uses it to calculate the beginning of the second report, etc...

CVSS 9.8 | AI score 6.2
Exploits 0 | References 2

OSV
added 2024/11/20 8:15 p.m., 2 views

CVE-2024-48983

An issue was discovered in MBed OS 6.16.0. During processing of HCI packets, the software dynamically determines the length of the packet data by reading 2 bytes from the packet header. A buffer is then allocated to contain the entire packet, the size of which is calculated as the length of the...

CVSS 7.5 | AI score 6 | EPSS 0.00436
Exploits 0 | References 2

CNNVD
added 2024/11/20 12:0 a.m., 2 views

ARM Mbed OS security vulnerability

ARM Mbed OS is a suite of open source embedded operating systems dedicated to the Internet of Things (IoT) from the British company ARM. A security vulnerability exists in ARM Mbed OS version 6.16.0, which stems from a flaw in the way the software dynamically determines the length of the packet...

CVSS 7.5 | AI score 7.1 | EPSS 0.00347
Exploits 0 | References 2

CNNVD
added 2024/11/20 12:0 a.m., 1 view

ARM Mbed OS security vulnerability

ARM Mbed OS is a suite of open source embedded operating systems dedicated to the Internet of Things (IoT) from the British company ARM. A security vulnerability exists in ARM Mbed OS version 6.16.0, which stems from a buffer overflow caused by its HCI parsing software when reading a byte from the...

CVSS 7.5 | AI score 7.1 | EPSS 0.00463
Exploits 0 | References 3

CNNVD
added 2024/11/20 12:0 a.m., 1 view

ARM Mbed OS security vulnerability

ARM Mbed OS is a suite of open source embedded operating systems dedicated to the Internet of Things from ARM UK. A security vulnerability exists in ARM Mbed OS version 6.16.0, which originates when parsing an HCI report, where the software does not verify that the report address is located in th...

CVSS 9.8 | AI score 7 | EPSS 0.00534
Exploits 0 | References 1