460 matches found
CVE-2023-28908
A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving non-fragmented HCI packets on a channel. The vulnerability was originally discovered in...
CVE-2023-28908 Integer Overflow in Non-Fragmented Data Reception
A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving non-fragmented HCI packets on a channel. The vulnerability was originally discovered in...
CVE-2023-28908 Integer Overflow in Non-Fragmented Data Reception
A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving non-fragmented HCI packets on a channel. The vulnerability was originally discovered in...
CVE-2023-28908
CVE-2023-28908 affects the Bluetooth stack on Volkswagen MIB3 infotainment, caused by insufficient validation of user-supplied data that can trigger an integer overflow when handling non-fragmented HCI packets. The issue was first observed in Skoda Superb III with MIB3 infotainment unit OEM part ...
CVE-2023-28909 Integer Overflow Leading to MTU Bypass
A specific flaw exists within the Bluetooth stack of the MIB3 unit. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving fragmented HCI packets on a channel. An attacker can leverage this vulnerability to bypass the MTU...
CVE-2023-28909
CVE-2023-28909 describes a vulnerability in the Bluetooth stack of the Volkswagen MIB3 infotainment unit. The flaw arises from insufficient validation of user-supplied data, causing an integer overflow when receiving fragmented HCI packets on a channel. An attacker can bypass the MTU check on a f...
CVE-2023-28910 Disabled Abortion Flag
A specific flaw exists within the Bluetooth stack of the MIB3 infotainment system. The issue results from the disabled abortion flag eventually leading to bypassing assertion functions. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number...
CVE-2023-28911
The CVE-2023-28911 issue affects Volkswagen MIB3 infotainment Bluetooth stack. The vulnerability arises from insufficient validation of user-supplied data in the MIB3 Bluetooth implementation, enabling an attacker to trigger an arbitrary channel disconnection and cause a denial-of-service affecti...
CVE-2023-28911 Arbitrary Channel Disconnection Resulting in Denial of Service
A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an arbitrary channel disconnection. An attacker can leverage this vulnerability to cause a denial-of-service attack for every...
CVE-2023-28911 Arbitrary Channel Disconnection Resulting in Denial of Service
A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an arbitrary channel disconnection. An attacker can leverage this vulnerability to cause a denial-of-service attack for every...
PT-2025-27312 · Volkswagen · Mib3
Name of the Vulnerable Software and Affected Versions: MIB3 infotainment affected versions not specified Description: A specific flaw exists within the Bluetooth stack of the MIB3 infotainment, resulting from the lack of proper validation of user-supplied data. This can cause an integer overflow...
PT-2025-27313 · Volkswagen · Mib3
Name of the Vulnerable Software and Affected Versions: MIB3 unit affected versions not specified Description: A specific flaw exists within the Bluetooth stack of the MIB3 unit. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow whe...
SUSE-SU-2025:02127-1 Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP6)
This update for the Linux Kernel 6.4.0-1506002325 fixes several issues. The following security issues were fixed: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing...
CVE-2025-41657
Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker...
CVE-2025-41657
Due to an undocumented active bluetooth stack on products delivered within the period 01.01.2024 to 09.05.2025 fingerprinting is possible by an unauthenticated adjacent attacker...
AUMA PROFOX和AUMA AC1.2 安全漏洞
AUMA PROFOX and AUMA AC1.2 are both products of AUMA, Inc.AUMA PROFOX is a professional-grade laboratory automation system for sample handling and liquid workstation control.AUMA AC1.2 is an adaptive controller. AUMA PROFOX and AUMA AC1.2 have a security vulnerability that stems from an...
PT-2025-24649 · Auma · Ac1.2 +1
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An undocumented active Bluetooth stack in certain products allows fingerprinting by an unauthenticated adjacent attacker. This issue affects products delivered between 01.01.2024 and...
PT-2025-29024
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A NULL pointer dereference issue was resolved in the Bluetooth stack within the Linux kernel, specifically in the eir get service data function. The len parameter within this function ...
CVE-2025-35003
Improper Restriction of Operations within the Bounds of a Memory Buffer and Stack-based Buffer Overflow vulnerabilities were discovered in Apache NuttX RTOS Bluetooth Stack HCI and UART components that may result in system crash, denial of service, or arbitrary code execution, after receiving...
CVE-2025-35003
Improper Restriction of Operations within the Bounds of a Memory Buffer and Stack-based Buffer Overflow vulnerabilities were discovered in Apache NuttX RTOS Bluetooth Stack HCI and UART components that may result in system crash, denial of service, or arbitrary code execution, after receiving...