169 matches found
CVE-2021-25406
Information exposure vulnerability in Gear S Plugin prior to version 2.2.05.20122441 allows unstrusted applications to access connected BT device information...
CVE-2021-1035
In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to invoke an arbitrary broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2021-0586
In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an unwanted bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
CVE-2021-0433
In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege and pairing malicious devices with no additional execution privileges needed. User...
Linux Distros Unpatched Vulnerability : CVE-2023-51596
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute...
CVE-2024-24860
A race condition was found in the Linux kernel's bluetooth device driver in min,maxkeysizeset function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue...
CVE-2024-23963
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists...
CVE-2024-23963 Alpine Halo9 Stack-based Buffer Overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists...
USN-7222-1 bluez vulnerabilities
Lucas Leong discovered that BlueZ incorrectly handled the Phone Book Access profile. If a user were tricked into connecting to a malicious Bluetooth device, a remote attacker could possibly use this issue to execute arbitrary code...
USN-7222-1: BlueZ vulnerabilities
Lucas Leong discovered that BlueZ incorrectly handled the Phone Book Access profile. If a user were tricked into connecting to a malicious Bluetooth device, a remote attacker could possibly use this issue to execute arbitrary code...
Ubuntu 20.04 LTS / 22.04 LTS : BlueZ vulnerabilities (USN-7222-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7222-1 advisory. Lucas Leong discovered that BlueZ incorrectly handled the Phone Book Access profile. If a user were tricked into connecting to a malicious...
CVE-2024-57879
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Always release hdev at the end of isolistenbis Since hcigetroute holds the device before returning, the hdev should be released with hcidevput at the end of isolistenbis even if the function returns with an error...
CVE-2024-57879
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: iso: Always release hdev at the end of isolistenbis Since hcigetroute holds the device before returning, the hdev should be released with hcidevput at the end of isolistenbis even if the function returns with an error...
Astra Linux – Vulnerability in bluez
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability, as the target must connect...
bluez: OBEX library out-of-bounds read information disclosure vulnerability
A flaw was found within the handling of OBEX protocol parameters in BlueZ. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a...
bluez: phone book access profile heap-based buffer overflow remote code execution vulnerability
A flaw was found within the handling of the Phone Book Access profile in BlueZ. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a...
CVE-2024-23935
CVE-2024-23935 affects Alpine Halo9. The vulnerability is a stack-based buffer overflow in the DecodeUTF7 function, caused by insufficient validation of user-supplied data length before copying to a stack buffer. It enables remote code execution with root privileges and requires the attacker to p...
CBL Mariner 2.0 Security Update: bluez (CVE-2023-50229)
The version of bluez installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-50229 advisory. - BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
CVE-2023-51594
BlueZ OBEX Library Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a...
CVE-2023-51596
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must...