61 matches found
bluez bug fix and enhancement update
The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts AlmaLinux, and pcmcia configuration files. Bug Fixes and Enhancements: Dell 8.4 BUG Bluetooth keyboard paired and connected but does not work on...
OESA-2021-1370 bluez security update
This package provides all utilities for use in Bluetooth applications. The BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A. Security Fixes: bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a devic...
[SECURITY] Fedora 34 Update: bluez-5.60-2.fc34
Utilities for use in Bluetooth applications: - avinfo - bluemoon - bluetoothctl - bluetoothd - btattach - btmon - hex2hcd - l2ping - l2test - mpris-proxy - rctest The BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A...
CVE-2021-3658
bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the bluetooth stack to...
CVE-2021-3658
bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. If a device is powered down while discoverable, it will be discoverable when powered on again. This could lead to inadvertent exposure of the bluetooth stack to...
bluez 安全漏洞
BlueZ is a Bluetooth protocol stack written in C. It is primarily used to provide support for the core Bluetooth layers and protocols. A security vulnerability exists in bluez that stems from the fact that bluez's bluetoothd incorrectly saves the discoverable state of the adapter when the device ...
Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2019-1378)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2019-6134 · Bluez +2 · Bluez +2
Name of the Vulnerable Software and Affected Versions: BlueZ versions through 5.48 Description: A heap-based buffer overflow was discovered in the bluetoothd component of BlueZ. The issue is caused by the lack of size checks when appending data to the output buffer in the service attr req functio...
Information Disclosure
bluez is vulnerable to information disclosure attacks. The vulnerability exists as all versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory...
Apple iOSmacOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport
Apple iOSmacOS - Kernel Memory Corruption due to Integer Overflow in IOHIDResourceQueue::enqueueReport / IOHIDResourceQueue inherits from IOSharedDataQueue and adds its own ::enqueueReport method, which seems to be mostly copy-pasted from IOSharedDataQueue and IODataQueue's ::enqueue methods. I...
Apple iOS 11.2.5 watchOS 4.2.2 tvOS 11.2.5 - bluetoothd Memory Corruption
Apple iOS 11.2.5 watchOS 4.2.2 tvOS 11.2.5 - bluetoothd Memory Corruption // // main.m // bluetoothdPoC // // Created by Rani Idan. // Copyright © 2018 zLabs. All rights reserved. // import "AppDelegate.h" include extern kernreturnt bootstraplookupmachportt bs, const char servicename, machportt...
Apple iOS 11.2.5 / watchOS 4.2.2 / tvOS 11.2.5 - 'bluetoothd' Memory Corruption
// // main.m // bluetoothdPoC // // Created by Rani Idan. // Copyright © 2018 zLabs. All rights reserved. // import "AppDelegate.h" include extern kernreturnt bootstraplookupmachportt bs, const char servicename, machportt service; / When hijacking session between bluetoothd and client, add callba...
[SECURITY] [DLA 1103-1] bluez security update
Package : bluez Version : 4.99-2+deb7u1 CVE ID : CVE-2017-1000250 Debian Bug : 875633 The SDP server in BlueZ is vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the...
CVE-2017-1000250
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests...
Information disclosure
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests...
CVE-2017-1000250
CVE-2017-1000250 affects the BlueZ Bluetooth stack SDP server. All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information-disclosure flaw in the processing of SDP search attribute requests, allowing a proximate attacker to read portions of bluetoothd process memory ...
CVE-2017-1000250
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests...
CVE-2017-1000250
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests...
CVE-2017-1000250
All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd process memory. This vulnerability lies in the processing of SDP search attribute requests...
CVE-2017-1000250
An information-disclosure flaw was found in the bluetoothd implementation of the Service Discovery Protocol SDP. A specially crafted Bluetooth device could, without prior pairing or user interaction, retrieve portions of the bluetoothd process memory, including potentially sensitive information...