CVE-2025-32062

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVE-2025-32061

The specific flaw exists within the Bluetooth stack developed by Alps Alpine of the Infotainment ECU manufactured by Bosch. The issue results from the lack of proper boundary validation of user-supplied data, which can result in a stack-based buffer overflow when receiving a specific packet on th...

CVE-2025-32059

CVE-2025-32059 is discussed in PTSecurity findings related to Nissan Leaf ZE1 (2020) infotainment ecosystem. The connected PT entries describe a stack buffer overflow that enables remote code execution in the affected stack component of the Leaf’s infotainment/OTA update chain (Redbend-based prov...

CVE-2024-45432

OpenSynergy BlueSDK aka Blue SDK through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an incorrect variable used as a function argument. An attacker can leverage this to cause unexpected behavior or obtain sensitive informatio...

Linux Distros Unpatched Vulnerability : CVE-2020-25662

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory...

CVE-2023-28909

A specific flaw exists within the Bluetooth stack of the MIB3 unit. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving fragmented HCI packets on a channel. An attacker can leverage this vulnerability to bypass the MTU...

CVE-2023-28908

A specific flaw exists within the Bluetooth stack of the MIB3 infotainment. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow when receiving non-fragmented HCI packets on a channel. The vulnerability was originally discovered in...

PT-2025-27312 · Volkswagen · Mib3

Name of the Vulnerable Software and Affected Versions: MIB3 infotainment affected versions not specified Description: A specific flaw exists within the Bluetooth stack of the MIB3 infotainment, resulting from the lack of proper validation of user-supplied data. This can cause an integer overflow...

Google Pixel 缓冲区错误漏洞

Google Pixel is a smartphone from Google, an American company. Google Pixel suffers from a security vulnerability that originates in btmacl.cc's btmaclprocessscacmplpkt, where an out-of-bounds read is possible due to incorrect bounds checking, which could lead to remote information disclosure...

Espressif ESP-IDF 安全漏洞

Espressif ESP-IDF is an Internet of Things IoT development framework from China's Lexin Information Technology Espressif. Espressif ESP-IDF suffers from a security vulnerability that stems from a security issue in the commercial BT stack. The vulnerability can be exploited by an attacker to cause...

kernel: Heap address information leak while using L2CAP_GET_CONF_OPT

A flaw was found in the Linux kernel's implementation of Logical Link Control and Adaptation Protocol L2CAP, part of the Bluetooth stack. An attacker, within the range of standard Bluetooth transmissions, can create and send a specially crafted packet. The response to this specially crafted packe...