CVE-2025-32061

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVE-2025-32059

CVE-2025-32059 is discussed in PTSecurity findings related to Nissan Leaf ZE1 (2020) infotainment ecosystem. The connected PT entries describe a stack buffer overflow that enables remote code execution in the affected stack component of the Leaf’s infotainment/OTA update chain (Redbend-based prov...

CVE-2025-32059 Stack Buffer Overflow leading to RCE in Bluetooth stack of Infotainment ECU

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

EUVD-2025-206904

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

kernel: Linux kernel: Information disclosure and denial of service in Bluetooth HCI event handling

A flaw was found in the Linux kernel's Bluetooth component. A local attacker with low privileges could exploit a vulnerability in the Host Controller Interface HCI event processing. This issue arises from improper handling of command complete events with unknown opcodes, which can lead to the...

ROS-20260129-73-0011

A vulnerability in the AVRCP protocol implementation of the Bluetooth protocol stack for Linux BlueZ is related to reading beyond memory buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions by using a specially craft...

CVE-2026-24801

Vulnerability in Ralim IronOS source/Core/BSP/Pinecilv2/blmcusdk/components/ble/blestack/common/tinycrypt/source modules. This vulnerability is associated with program files eccdsa.C. This issue affects IronOS: before v2.23-rc3...

ROS-20260120-7344

A vulnerability in the mgmtallocskb function of the net/bluetooth/mgmt.c module of the Linux kernel is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000563)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000563 advisory. The native Bluetooth stack in the Linux Kernel BlueZ, starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow...

CVE-2019-20595

An issue was discovered on Samsung mobile devices with P9.0 software. Quick Panel allows enabling or disabling the Bluetooth stack without authentication. The Samsung ID is SVE-2019-14545 July 2019...

DEBIAN-CVE-2023-53828

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Avoid use-after-free in dbg for hciaddadvmonitor KSAN reports use-after-free in hciaddadvmonitor. While adding an adv monitor, hciaddadvmonitor calls - msftaddmonitorpattern calls - msftaddmonitorsync calls -...

SUSE CVE-2025-40282

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: 6lowpan: reset link-local header on ipv6 recv path Bluetooth 6lowpan.c netdev has headerops, so it must set link-local header for RX skb, otherwise things crash, eg. with AFPACKET SOCKRAW Add missing skbresetmacheader...

CVE-2025-66409

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, when AVRCP is enabled on ESP32, receiving a malformed VENDOR DEPENDENT command from a peer device can cause the Bluetooth stack to access memory before validating the command...

PT-2025-48745

Name of the Vulnerable Software and Affected Versions ESF-IDF versions 5.5.1 through 5.1.6 Description ESF-IDF is the Espressif Internet of Things IOT Development Framework. When AVRCP is enabled on ESP32, receiving a malformed VENDOR DEPENDENT command from a peer device can cause the Bluetooth...

SUSE CVE-2025-39982

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciaclcreateconnsync This fixes the following UFA in hciaclcreateconnsync where a connection still pending is command submission conn-state == BTOPEN maybe freed, also since this also can happen wi...

PT-2025-42258

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16-rc7 Description The Linux kernel contains a use-after-free flaw within the Bluetooth stack, specifically in the hci conn tx dequeue function. This issue arises from improper locking of the hdev structure whe...

PT-2025-42257

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc7 Description The Linux kernel contains a use-after-free issue within the Bluetooth stack, specifically in the hci acl create conn sync function. This flaw occurs when a connection is pending command...

EUVD-2015-0894

Malware in sbrugna...

EUVD-2020-16283

Malware in sbrugna...

EUVD-2019-11135

Malware in sbrugna...