CVE-2021-3329

Lack of proper validation in HCI Host stack initialization can cause a crash of the bluetooth stack...

CVE-2021-3329

CVE-2021-3329 affects Zephyr RTOS Bluetooth stack: root cause is lack of proper validation in HCI Host stack initialization, specifically around ACL_MTU handling, which can crash the bluetooth stack. Some sources cite Zephyr v2.4.0 as vulnerable. Documented impact includes high availability risk ...

PT-2023-12203 · Unknown · Bluetooth Stack

Name of the Vulnerable Software and Affected Versions: Bluetooth stack affected versions not specified Description: The issue is related to a lack of proper validation in HCI Host stack initialization, which can cause a crash of the bluetooth stack. Recommendations: At the moment, there is no...

[SECURITY] Fedora 37 Update: bluedevil-5.27.1-1.fc37

BlueDevil is the bluetooth stack for KDE...

USN-5883-1: Linux kernel (HWE) vulnerabilities

Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2022-4378 It was discovered that an out-of-bounds write vulnerability existed i...

SUSE CVE-2005-0750

The bluezsockcreate function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via 1 socket or 2 socketpair call with a negative protocol value...

SUSE CVE-2020-25662

A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. This flaw allows a remote attacker in an adjacent range to leak small portions of stack memory on the...

SUSE CVE-2022-39177

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c...

USN-5853-1 linux, linux-aws, linux-azure, linux-azure-5.4, linux-gkeop, linux-kvm, linux-oracle, linux-raspi, linux-raspi-5.4 vulnerabilities

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service system crash or possibly...

Amazon Linux 2 : kernel (ALAS-2022-1903)

The version of kernel installed on the remote host is prior to 4.14.301-224.520. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1903 advisory. A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is...

CVE-2022-42896

A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol L2CAP, part of the Bluetooth stack in the l2capconnect and l2capleconnectreq functions. An attacker with physical access within the range of standard Bluetooth transmission could...

DEBIAN-CVE-2022-39177

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c...

BlueZ 安全漏洞

BlueZ is a Bluetooth protocol stack written in C, which is primarily used to provide support for the core Bluetooth layer and protocol. versions prior to BlueZ 5.59 have an input validation error vulnerability that stems from the failure of the profiles/audio/avrcp.c component to validate...

BlueZ 安全漏洞

BlueZ is a Bluetooth protocol stack written in C. It is primarily used to provide support for the core Bluetooth layers and protocols. A security vulnerability exists in BlueZ versions prior to 5.59, which stems from the fact that the profiles/audio/avdtp.c component can handle malformed and...

CVE-2022-20224

In ATSKIPREST of btahfclientat.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2022-20224

In ATSKIPREST of btahfclientat.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

Out-of-bounds

In ATSKIPREST of btahfclientat.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

The vulnerability of the Bluetooth protocol stack for the Linux operating system BlueZ, related to insufficient validation of input data, allows a hacker to execute arbitrary code.

The vulnerability of the Bluetooth protocol stack for the Linux operating system BlueZ is related to insufficient validation of user-input data during the processing of the A2DP profile. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using specially crafted data...

ASB-A-220732646

In ATSKIPREST of btahfclientat.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for exploitation...

The vulnerability of the database.c component of the Bluetooth protocol stack for the Linux BlueZ operating system allows a hacker to access confidential information.

The vulnerability of the database.c component of the Bluetooth protocol stack for the Linux BlueZ operating system is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to gain access to confidential information...