460 matches found
CVE-2023-53520
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix hcisuspendsync crash If hciunregisterdev frees the hcidev object but hcisuspendnotifier may still be accessing it, it can cause the program to crash. Here's the call trace: 102152.653246 Call Trace: 102152.653254...
ROS-20250930-02
A code vulnerability in the Audio Profile AVRCP component of the Bluetooth protocol stack for Linux BlueZ is related to a buffer overflow. buffer overflow. Exploitation of the vulnerability allows an attacker acting remotely to execute arbitrary code...
CVE-2023-53386
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix potential use-after-free when clear keys Similar to commit c5d2b6fa26b5 "Bluetooth: Fix use-after-free in hciremoveltk/hciremoveirk". We can not access k after kfreercu call. Mitigation To mitigate these...
CLSA-2025-1757962453 kernel: Fix of 32 CVEs
inet: fully convert sk-skrxdst to RCU rules CVE-2021-47103 - ALSA: usb-audio: Fix out of bounds reads when finding clock sources CVE-2024-53150 - posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-2025-38352 - can: peakusb: fix use after free bugs CVE-2021-47670 -...
CVE-2024-45434
OpenSynergy BlueSDK aka Blue SDK through 6.x has a Use-After-Free. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of validating the existence of an object before performing operations on the object aka use after free. An attacker can leverage this to...
CVE-2024-45432
OpenSynergy BlueSDK aka Blue SDK through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an incorrect variable used as a function argument. An attacker can leverage this to cause unexpected behavior or obtain sensitive informatio...
CVE-2024-45431
OpenSynergy BlueSDK aka Blue SDK through 6.x has Improper Input Validation. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper validation of remote L2CAP channel ID CID. An attacker can leverage this to create an L2CAP channel with the null...
CVE-2024-45434
OpenSynergy BlueSDK aka Blue SDK through 6.x has a Use-After-Free. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of validating the existence of an object before performing operations on the object aka use after free. An attacker can leverage this to...
CVE-2024-45434
OpenSynergy BlueSDK aka Blue SDK through 6.x has a Use-After-Free. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of validating the existence of an object before performing operations on the object aka use after free. An attacker can leverage this to...
CVE-2024-45433
OpenSynergy BlueSDK aka Blue SDK through 6.x has Incorrect Control Flow Scoping. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper return control flow after detecting an unusual condition. An attacker can leverage this to bypass a security...
CVE-2024-45433
OpenSynergy BlueSDK aka Blue SDK through 6.x has Incorrect Control Flow Scoping. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper return control flow after detecting an unusual condition. An attacker can leverage this to bypass a security...
CVE-2024-45432
OpenSynergy BlueSDK aka Blue SDK through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an incorrect variable used as a function argument. An attacker can leverage this to cause unexpected behavior or obtain sensitive informatio...
CVE-2024-45433
OpenSynergy BlueSDK Bluetooth stack (BlueSDK) up to version 6.x is affected by an Incorrect Control Flow Scoping flaw. The root cause is improper handling of exceptional conditions and lack of proper return control flow after detecting an unusual state, enabling bypass of security validation and ...
CVE-2024-45434
OpenSynergy BlueSDK aka Blue SDK through 6.x has a Use-After-Free. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of validating the existence of an object before performing operations on the object aka use after free. An attacker can leverage this to...
OpenSynergy BlueSDK 安全漏洞
OpenSynergy BlueSDK is a Bluetooth stack from OpenSynergy, Germany. A security vulnerability exists in OpenSynergy BlueSDK 6.x and prior versions that stems from a post-release reuse vulnerability in the Bluetooth stack that could lead to remote code execution...
OpenSynergy BlueSDK 安全漏洞
OpenSynergy BlueSDK is a Bluetooth stack from OpenSynergy, Germany. A security vulnerability exists in OpenSynergy BlueSDK 6.x and prior versions, which stems from the lack of proper return control flow after an exception condition is detected in the BlueSDK Bluetooth stack, which could lead to...
CVE-2024-45431
OpenSynergy BlueSDK aka Blue SDK through 6.x has Improper Input Validation. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper validation of remote L2CAP channel ID CID. An attacker can leverage this to create an L2CAP channel with the null...
CVE-2024-45432
OpenSynergy BlueSDK aka Blue SDK through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an incorrect variable used as a function argument. An attacker can leverage this to cause unexpected behavior or obtain sensitive informatio...
CVE-2024-45434
OpenSynergy BlueSDK aka Blue SDK through 6.x has a Use-After-Free. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of validating the existence of an object before performing operations on the object aka use after free. An attacker can leverage this to...
CVE-2024-45432
OpenSynergy BlueSDK aka Blue SDK through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an incorrect variable used as a function argument. An attacker can leverage this to cause unexpected behavior or obtain sensitive informatio...