Google Android Information Disclosure Vulnerability (CNVD-2025-21348)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that is caused by a lack of permission checking in the audio service. An attacker can exploit the vulnerability to obtain the MAC address of a nearby...

CVE-2022-24695

Bluetooth Classic in Bluetooth Core Specification through 5.3 does not properly conceal device information for Bluetooth transceivers in Non-Discoverable mode. By conducting an efficient over-the-air attack, an attacker can fully extract the permanent, unique Bluetooth MAC identifier, along with...

CVE-2022-45934

An integer overflow flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user generates malicious L2CAPCONFREQ packets. This flaw allows a local or bluetooth connection user to crash the system. Mitigation To mitigate these vulnerabilities on the operating system level,...

CVE-2020-10370

A lateral-movement denial of service vulnerability was found in resource-sharing Bluetooth hardware. By obtaining code execution on the Bluetooth or Wifi chip, an attacker can perform a lateral denial of service attack on a chip's shared memory resources, impacting the system's availability...

CVE-2020-12321

A flaw was found in the firmware of some Intel Bluetooth devices. This may allow an unauthenticated attacker within Bluetooth range to overflow a buffer and corrupt memory leading to a crash or privilege escalation. Mitigation To mitigate these vulnerabilities on the operating system level, disab...

CVE-2019-3460

A flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capparseconfrsp and l2capparseconfreq functions. An attacker with physical access within the range of standard Bluetooth transmission can create a...