4 matches found
CLSA-2026-1777541445 bluez: Fix of 3 CVEs
CVE-2022-0204: fix heap overflow when appending prepare writes in gatt-server - CVE-2022-39176: fix not checking paramslen in AVRCP vendordep PDU handling - CVE-2022-39177: fix accepting invalid/malformed capabilities in AVDTP...
CVE-2025-0079
In multiple locations, there is a possible way that avdtp and avctp channels could be unencrypted due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-0079
In multiple locations, there is a possible way that avdtp and avctp channels could be unencrypted due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-0079
CVE-2025-0079 describes a logic error in Android's Bluetooth stack (avdtp/avctp) that could allow unencrypted channels, enabling local privilege escalation with user privileges required and no user interaction. Connected documents indicate this is addressed in the Android security bulletin for 20...