AlmaLinux 8 : kernel-rt (ALSA-2026:21745)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:21745 advisory. kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...

BTstack 安全漏洞

BTstack is an open-source Bluetooth stack implemented by BlueKitchen. Versions of BTstack prior to 1.8.1 contained security vulnerabilities. These vulnerabilities stemmed from an out-of-bounds read in the AVRCP browse target handler, which could lead to crashes and corrupted property bitmap state...

kernel security update

4.18.0-553.105.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...

Exploit for CVE-2025-36911

WhisperPair-PoC-Tool and Research A deep dive into CVE-2025-3...

MiracleLinux 9 : kernel-5.14.0-427.13.1.el9_4 (AXSA:2024-8139:13)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8139:13 advisory. kernel: GSM multiplexing race condition leads to privilege escalation CVE-2023-6546 kernel: multiple use-after-free vulnerabilities CVE-2024-1086,...

CVE-2024-34463

BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in unencrypted BLE packets. The packet data also lacks authentication and integrity protection...

RHEL 9 : kernel-rt (RHSA-2025:21136)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21136 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

RockyLinux 8 : kernel (RLSA-2025:19102)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:19102 advisory. kernel: Bluetooth: L2CAP: fix bad unlock balance in l2capdisconnectrsp CVE-2023-53297 kernel: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare...

EUVD-2019-7147

Malware in sbrugna...

EUVD-2021-18504

Malware in sbrugna...

EUVD-2021-20809

Malware in sbrugna...

PerfektBlue Bluetooth Vulnerabilities Expose Millions of Vehicles to Remote Code Execution

Cybersecurity researchers have discovered a set of four security flaws in OpenSynergy's BlueSDK Bluetooth stack that, if successfully exploited, could allow remote code execution on millions of transport vehicles from different vendors. The vulnerabilities, dubbed PerfektBlue , can be fashioned...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: Fix use after free in hcisendacl CVE-2022-49111 kernel: Bluetooth: hcisync: Fix queuing commands when HCIUNREGISTER is set CVE-2022-49136 kernel: udf: Fix a slab-out-of-bounds...

MediaTek 2025-07 Bluetooth Vulnerabilities - Lenovo Support US

No description provided...

PT-2025-29082

Name of the Vulnerable Software and Affected Versions: OpenSynergy BlueSDK versions through 6.x Description: The OpenSynergy BlueSDK Bluetooth stack contains a flaw due to incorrect handling of a network packet header and an incorrect variable used as a function argument. This can allow a remote...

PT-2025-29081

Name of the Vulnerable Software and Affected Versions: OpenSynergy BlueSDK aka Blue SDK versions through 6.x Description: The BlueSDK Bluetooth stack contains an Improper Input Validation flaw. The issue stems from insufficient validation of the remote L2CAP channel ID CID. An attacker can exploi...

PT-2025-27363

Name of the Vulnerable Software and Affected Versions Airoha Bluetooth audio SDK affected versions not specified Description The Airoha Bluetooth audio SDK contains a flaw that allows Bluetooth audio devices to pair without user consent. This can result in remote escalation of privilege without...

SUSE-SU-2025:02162-1 Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002317 fixes several issues. The following security issues were fixed: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing...

SUSE-SU-2025:02113-1 Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: - CVE-2024-56601: net: inet: do not leave a dangling sk pointer in inetcreate bsc1235231. - CVE-2024-50279: dm cache: fix out-of-bounds access to the dirty bitset when resizing...

CVE-2022-50166

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: When HCI work queue is drained, only queue chained work The HCI command, event, and data packet processing workqueue is drained to avoid deadlock in commit 76727c02c1e1 "Bluetooth: Call drainworkqueue before resetting...