130 matches found
PT-2023-13821 · Qualcomm · Snapdragon +143
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption in the Bluetooth HOST when processing the AVRC PDU GET PLAYER APP VALUE TEXT AVRCP response. This suggests a proble...
SUSE CVE-2013-1574
The dissectbthcieiraddata function in epan/dissectors/packet-bthcicmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service infinite loop via a malform...
SUSE CVE-2021-3564
A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13...
CVE-2022-33280
Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP packet...
Memory corruption
Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP packet...
CVE-2022-33280
CVE-2022-33280 describes a memory corruption in the Bluetooth HOST when processing AVRCP packets due to an uninitialized pointer. The issue is attributed to Qualcomm components (Bluetooth) and is listed across multiple feeds (NVD, Red Hat, CVE.org, CNNVD, etc.) as a memory corruption vulnerabilit...
PT-2023-13285 · Unknown · Bluetooth Host
Name of the Vulnerable Software and Affected Versions: Bluetooth HOST affected versions not specified Description: The issue is related to memory corruption caused by accessing an uninitialized pointer in the Bluetooth HOST while processing the AVRCP packet. Recommendations: At the moment, there ...
CVE-2022-3806 Bluetooth HCI Error Handling Double Free
Inconsistent handling of error cases in bluetooth hci may lead to a double free condition of a network buffer...
CVE-2022-33299
Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data...
CVE-2022-33255
Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device...
CVE-2022-33290
Transient DOS in Bluetooth HOST due to null pointer dereference when a mismatched argument is passed...
CVE-2022-22088
Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote...
Null pointer dereference
Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data...
Buffer overflow
Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote...
Information disclosure
Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device...
CVE-2022-33299 Null pointer dereference in Bluetooth HOST
Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data...
CVE-2022-33299 Null pointer dereference in Bluetooth HOST
Transient DOS due to null pointer dereference in Bluetooth HOST while receiving an attribute protocol PDU with zero length data...
CVE-2022-33255 Buffer over-read in Bluetooth HOST
Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device...
CVE-2022-33255
CVE-2022-33255 is a buffer over-read information-disclosure issue in the Bluetooth HOST when processing GetFolderItems and GetItemAttribute Cmds from a peer device. The CVE is listed in Qualcomm’s security bulletin with a High severity for Bluetooth, and is described as a information-disclosure v...
CVE-2022-22088 Integer Overflow to Buffer Overflow in Bluetooth HOST
Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote...