1049 matches found
CVE-2016-7957
In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for potentially shorter strings...
Code injection
In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for potentially shorter strings...
CVE-2016-7957
In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for potentially shorter strings...
UBUNTU-CVE-2016-7957
In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for potentially shorter strings...
CVE-2016-7957
In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for potentially shorter strings...
CVE-2016-7957
CVE-2016-7957 affects Wireshark 2.2.0, where the Bluetooth L2CAP dissector could crash from crafted input or malicious captures. The root cause is a potential crash triggered by using a seven-byte memcmp against shorter strings during dissection. The issue was fixed in the dissector code path epa...
CVE-2016-7957
In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for potentially shorter strings...
CVE-2016-7957
In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for potentially shorter strings...
BlueZ Content Misreference Vulnerability
BlueZ is an official Bluetooth stack for Linux. A content misreference vulnerability exists in the 'confopt' function in the tools/parser/l2cap.c source file in BlueZ version 5.42. An attacker can cause a denial of service hcidump crash by running a compromised dump file...
BlueZ Buffer Overflow Vulnerability
BlueZ is an official Bluetooth stack for Linux. A buffer overflow vulnerability exists in the 'l2capdump' function in the tools/parser/l2cap.c source file in BlueZ version 5.42. An attacker can exploit this vulnerability to cause a denial of service hcidump crash...
BlueZ buffer overflow vulnerability (CNVD-2016-11951)
BlueZ is an official Bluetooth stack for Linux. A buffer overflow vulnerability exists in the 'setextctrl' function in the tools/parser/l2cap.c source file of BlueZ version 5.42. An attacker can exploit this vulnerability by running a compromised dump file to cause a denial of service...
BlueZ Out-of-Bounds Read Vulnerability
BlueZ is an official Bluetooth stack for Linux. A security vulnerability exists in the 'l2cappacket' function in the monitor/packet.c source file of BlueZ version 5.42. An attacker can exploit this vulnerability by running a compromised file to cause btmon to crash read across boundaries...
CVE-2016-9802
In BlueZ 5.42, a buffer over-read was identified in "l2cappacket" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash...
DEBIAN-CVE-2016-9798
In BlueZ 5.42, a use-after-free was identified in "confopt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash...
UBUNTU-CVE-2016-9798
In BlueZ 5.42, a use-after-free was identified in "confopt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash...
UBUNTU-CVE-2016-9797
In BlueZ 5.42, a buffer over-read was observed in "l2capdump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash...
UBUNTU-CVE-2016-9801
In BlueZ 5.42, a buffer overflow was observed in "setextctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file...
UBUNTU-CVE-2016-9802
In BlueZ 5.42, a buffer over-read was identified in "l2cappacket" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash...
PT-2017-14249 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.19 Description: The issue is related to the bnep add connection function in the Linux kernel, which does not properly check for the availability of an l2cap socket. This allows local users to potentially gain...
Oracle Linux 6 : kernel (ELSA-2013-1173)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-1173 advisory. - x86 perf/x86: Fix offcorersp valid mask for SNB/IVB Nikola Pajkovsky 971314 971315 CVE-2013-2146 - bluetooth L2CAP - Fix info leak via getsockname...