12 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-9804
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In BlueZ 5.42, a buffer overflow was observed in commandsdump function in tools/parser/csr.c source file. The issue exists because commands array is overflowed ...
RHEL 5 : bluez (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bluez: double free in gatttool client disconnect callback handler in src/shared/att.c could lead to DoS o...
RHEL 7 : bluez (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bluez: double free in gatttool client disconnect callback handler in src/shared/att.c could lead to DoS o...
Mageia: Security Advisory (MGASA-2019-0052)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2021-2088)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:0510-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2021-1460)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2021-1179)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : bluez (EulerOS-SA-2021-1179)
According to the versions of the bluez packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In BlueZ 5.42, a use-after-free was identified in 'confopt' function in 'tools/parser/l2cap.c' source file. This issue can be triggered by...
SUSE SLES12 Security Update : bluez (SUSE-SU-2019:0510-1) (BlueBorne)
This update for bluez fixes the following issues : Security issues fixed : CVE-2016-7837: Fixed possible buffer overflow, make sure we don't write past the end of the array.bsc1026652 CVE-2016-9800: Fix hcidump memory leak in pincodereplydump bsc1013721. CVE-2016-9801: Fixed a buffer overflow in...
SUSE SLED12 / SLES12 Security Update : bluez (SUSE-SU-2018:1778-1) (BlueBorne)
This update for bluez fixes the following issues: Security issues fixed : - CVE-2016-9800: Fix hcidump memory leak in pincodereplydump bsc1013721. - CVE-2016-9804: Fix hcidump buffer overflow in commandsdump bsc1013877. - CVE-2016-7837: Fix possible buffer overflow, make sure we don't write past...
CVE-2016-9804
In BlueZ 5.42, CVE-2016-9804 is a buffer overflow in the commands_dump path of the hcidump tooling. The overflow occurs in tools/parser/csr.c due to lack of boundary checks on the size of the buffer from frm->ptr, overflowing the commands array when processing a corrupted dump file and causing...