6 matches found
The vulnerability of the database.c component of the Bluetooth protocol stack for the Linux BlueZ operating system allows a hacker to access confidential information.
The vulnerability of the database.c component of the Bluetooth protocol stack for the Linux BlueZ operating system is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to gain access to confidential information...
EulerOS 2.0 SP10 : bluez (EulerOS-SA-2022-1657)
According to the versions of the bluez package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a...
BlueZ Resource Management Error Vulnerability
BlueZ is a Bluetooth protocol stack written in C, which is primarily used to provide support for the core Bluetooth layer and protocol. a resource management error vulnerability exists in BlueZ, which stems from the failure of the D-Bus in the product's gatt-database.c file to properly handle...
Design/Logic Flaw
An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call...
CVE-2021-43400
CVE-2021-43400 affects BlueZ (BlueZ 5.61) in the gatt-database.c component. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call, potentially enabling memory corruption. The issue is documented across multiple advisories (Astra Linux, Debian LTS/DLA li...
CVE-2021-3588
CVE-2021-3588 affects BlueZ (BlueZ Bluetooth stack). The issue is in cli_feat_read_cb() in src/gatt-database.c where bounds checks on offset are missing before indexing an array, potentially exposing memory contents. Multiple advisories indicate downstream risk and mitigation via upgrading BlueZ ...