14 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3588
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The clifeatreadcb function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading...
SUSE CVE-2021-3588
The clifeatreadcb function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading...
CVE-2021-3588 affecting package bluez for versions less than 5.63-1
CVE-2021-3588 affecting package bluez for versions less than 5.63-1. An upgraded version of the package is available that resolves this issue...
openSUSE: Security Advisory for bluez (openSUSE-SU-2021:2459-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2021:2459-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : bluez (SUSE-SU-2021:2459-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2459-1 advisory. - CVE-2021-3588: Fixed a missing bounds checks inside clifeatreadcb function in src/gatt-database.c bsc1187165 Tenable has extracted the...
OPENSUSE-SU-2021:2459-1 Security update for bluez
This update for bluez fixes the following issues: - CVE-2021-3588: Fixed a missing bounds checks inside clifeatreadcb function in src/gatt-database.c bsc1187165...
SUSE-SU-2021:2459-1 Security update for bluez
This update for bluez fixes the following issues: - CVE-2021-3588: Fixed a missing bounds checks inside clifeatreadcb function in src/gatt-database.c bsc1187165...
Security update for bluez (moderate)
openSUSE Security Update: Security update for bluez Announcement ID: openSUSE-SU-2021:2459-1 Rating: moderate References: 1187165 Cross-References: CVE-2021-3588 CVSS scores: CVE-2021-3588 NVD : 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVE-2021-3588 SUSE: 3.3...
Updated bluez packages fix security vulnerability
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing in the Passkey authentication procedure by reflection of the public key and the authentication evidence of the initiati...
Ubuntu: Security Advisory (USN-4989-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS / 20.04 LTS : BlueZ vulnerabilities (USN-4989-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4989-1 advisory. It was discovered that BlueZ incorrectly checked certain permissions when pairing. A local attacker could possibly use this issue to...
CVE-2021-3588
The clifeatreadcb function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading...
CVE-2021-3588
CVE-2021-3588 affects BlueZ (BlueZ Bluetooth stack). The issue is in cli_feat_read_cb() in src/gatt-database.c where bounds checks on offset are missing before indexing an array, potentially exposing memory contents. Multiple advisories indicate downstream risk and mitigation via upgrading BlueZ ...