Astra Linux – Vulnerability in bluez

In BlueZ before version 5.55, a double-free error was detected in the gatttool disconnectcb routine from the shared/att.c file. A remote attacker could potentially cause a denial of service or code execution during service discovery, due to the redundant disconnect MGMT event...

Unity Linux 20.1070e Security Update: bluez (UTSA-2026-016764)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016764 advisory. BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdpcstateallocbuf which allocates memory which will always be hung in t...

Astra Linux - уязвимость в bluez

A heap overflow vulnerability was discovered in bluez in versions prior to 5.63. An attacker with local network access could execute specially crafted files, causing the application to stop working or crash, resulting in a denial of service...

Astra Linux - уязвимость в linux, bluez

Improper access control in BlueZ may allow a authenticated user to potentially enable information disclosure through adjacent access...

Astra Linux - уязвимость в bluez

The bluetoothd function from the bluez library incorrectly preserves the discoverable status of adapters when a device is powered down, and restores that status when the device is powered on again. If a device is in the discoverable state while powered down, it will remain discoverable when the...

Astra Linux - уязвимость в bluez

A issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free condition can occur when a client disconnects during D-Bus processing of a WriteValue call...

Astra Linux - уязвимость в bluez

The clifeatreadcb function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading...

ROOT-OS-DEBIAN-12-CVE-2023-44431 CVE-2023-44431 in rootio-bluez - Patched by Root

Root has patched CVE-2023-44431 in the rootio-bluez package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2016-9917 CVE-2016-9917 in rootio-bluez - Patched by Root

Root has patched CVE-2016-9917 in the rootio-bluez package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2016-9797 CVE-2016-9797 in rootio-bluez - Patched by Root

Root has patched CVE-2016-9797 in the rootio-bluez package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2023-51589 CVE-2023-51589 in rootio-bluez - Patched by Root

Root has patched CVE-2023-51589 in the rootio-bluez package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2016-9918 CVE-2016-9918 in rootio-bluez - Patched by Root

Root has patched CVE-2016-9918 in the rootio-bluez package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2023-51594 CVE-2023-51594 in rootio-bluez - Patched by Root

Root has patched CVE-2023-51594 in the rootio-bluez package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2016-9804 CVE-2016-9804 in rootio-bluez - Patched by Root

Root has patched CVE-2016-9804 in the rootio-bluez package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2016-9803 CVE-2016-9803 in rootio-bluez - Patched by Root

Root has patched CVE-2016-9803 in the rootio-bluez package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2016-9798 CVE-2016-9798 in rootio-bluez - Patched by Root

Root has patched CVE-2016-9798 in the rootio-bluez package for Root:Debian:12. Multiple fixed versions available...

ROOT-OS-DEBIAN-12-CVE-2016-9800 CVE-2016-9800 in rootio-bluez - Patched by Root

Root has patched CVE-2016-9800 in the rootio-bluez package for Root:Debian:12. Multiple fixed versions available...

Astra Linux – Vulnerability in Linux, BlueZ

In the Bluetooth Core Specification 2.1 through 5.2, Bluetooth LE and BR/EDR secure pairing mechanisms may allow a nearby man-in-the-middle attacker to identify the Passkey used during pairing in the Passkey authentication procedure by reflecting the public key and the authentication evidence of...

Astra Linux – Vulnerability in bluez

BlueZ is a Bluetooth protocol stack for Linux. In affected versions, there is a vulnerability in sdpcstateallocbuf, which allocates memory that will always remain locked in the singly linked list of cstates and will not be freed. This will lead to a memory leak over time. The allocated data can b...

Astra Linux – Vulnerability in bluez

Bluetooth HID Hosts in BlueZ may allow an unauthenticated peripheral role HID device to initiate and establish an encrypted connection, and to accept HID keyboard reports. This could potentially allow the injection of HID messages when no user interaction has occurred in the Central role, thereby...