283 matches found
SUSE-SU-2023:3079-1 Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP4)
This update for the Linux Kernel 5.14.21-1504002418 fixes several issues. The following security issues were fixed: - CVE-2023-35788: Fixed an out-of-bounds write in the flower classifier code via TCAFLOWERKEYENCOPTSGENEVE packets in flsetgeneveopt in net/sched/clsflower.c bsc1212509. -...
Kernel: bluetooth: Unauthorized management command execution
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hcisock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth...
SUSE-SU-2023:2808-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-1077: Fixed a type confusion in picknextrtentity, that could cause memory corruption bsc1208600. - CVE-2023-1079: Fixed a use-after-free problem...
CVE-2023-27964
An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 5E133. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source...
DEBIAN-CVE-2023-2002
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hcisock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth...
Information disclosure
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hcisock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth...
CVE-2023-2002
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hcisock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth...
CVE-2023-2002
A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hcisock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth...
PT-2023-9855 · Bluez +8 · Bluez +8
Name of the Vulnerable Software and Affected Versions: BlueZ affected versions not specified Description: The issue is related to a heap-based buffer overflow in the Phone Book Access profile of BlueZ, which can be exploited by network-adjacent attackers to execute arbitrary code on affected...
PT-2023-9092 · Bluez +4 · Bluez +4
Name of the Vulnerable Software and Affected Versions: BlueZ affected versions not specified Description: The issue is related to a heap-based buffer overflow in the Phone Book Access profile of BlueZ, allowing network-adjacent attackers to execute arbitrary code on affected installations. User...
CVE-2023-28866
In the Linux kernel through 6.2.8, net/bluetooth/hcisync.c allows out-of-bounds access because ampinit1 and ampinit2 are supposed to have an intentionally invalid element, but do not...
CVE-2023-21452
Improper usage of implicit intent in Bluetooth prior to SMR Mar-2023 Release 1 allows attacker to get MAC address of connected device...
kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c
A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges...
PT-2023-33399 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.269 Description: The issue is related to a potential security vulnerability in the Bluetooth functionality. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
PT-2023-33271 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.161 Description: The issue is related to a potential security vulnerability in the Bluetooth L2CAP protocol, specifically an u8 overflow. The actual impact and attack plausibility have not yet been proven...
PT-2022-10478 · Unknown · Fastrack Reflex 2.0
Name of the Vulnerable Software and Affected Versions: fastrack Reflex 2.0 W307S REFLEX v90.89 Activity Tracker Description: The issue allows an unauthenticated remote attacker to send a malicious firmware update via Bluetooth Low Energy BLE and potentially brick the device. Recommendations: For...
Microchip RN4870 安全漏洞
The Microchip RN4870 is a Bluetooth low power module chip from Microchip, Inc. The Microchip RN4870 module firmware version 1.43 has a security vulnerability that stems from the ability to bypass the key entry in legacy pairing, and through this cryptographic input bypass, a man-in-the-middle MiT...
PT-2022-23672 · Unknown · Mousenkeyhiddevice
Name of the Vulnerable Software and Affected Versions: MouseNKeyHidDevice versions prior to SMR Oct-2022 Release 1 Description: The issue is related to the improper restriction of broadcasting Intent in MouseNKeyHidDevice, which leaks the MAC address of the connected Bluetooth device...
Bluetooth + Electrical switchgear
The ongoing rapid growth of Industrial IoT IIoT across all business sectors continues to bring to focus the discrepancies that exist between the approaches to safety and cyber-security on safety critical sites. Safety has been culturally ingrained into all aspects of industrial site operations fo...
PT-2022-14481 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a configuration error in Bluetooth that could allow bypassing compiler exploit mitigations. This could lead to local escalation of privilege without requiring additional executi...