PT-2024-20014 · Google · Android +1

Name of the Vulnerable Software and Affected Versions: Google Pixel versions affected versions not specified Non-Pixel Android versions affected versions not specified Description: A high severity Bluetooth issue is reported, which has been listed for both Pixel and non-Pixel devices in different...

PT-2024-1521 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.12-rc2 through 6.8-rc1 Description: The issue is related to a Use After Free vulnerability in the Linux kernel's bluetooth module, specifically in the net/bluetooth/af bluetooth.c driver. This vulnerability can be...

CVE-2023-44102

Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability can cause the Bluetooth function to be unavailable...

CVE-2022-45934

An integer overflow flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user generates malicious L2CAPCONFREQ packets. This flaw allows a local or bluetooth connection user to crash the system. Mitigation To mitigate these vulnerabilities on the operating system level,...

PT-2022-36245 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.78 Description: A use-after-free issue was identified in the L2CAP Logical Link Control and Adaptation Protocol component of the Bluetooth protocol. This issue was introduced in version v3.6 and was fixed ...

CVE-2022-20267

In bluetooth, there is a possible way to enable or disable bluetooth connection without user consent due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

PT-2022-14556 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a missing permission check in Bluetooth, allowing devices to be connected or disconnected without user awareness. This could lead to local escalation of privilege, with user...

PT-2022-14559 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: In Bluetooth, there is a possible crash due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for...

CVE-2021-34981

A flaw was found in the Linux kernel's CAPI over Bluetooth connection code. An attacker with a local account can escalate privileges when CAPI ISDN hardware connection fails. Mitigation To mitigate these vulnerabilities on the operating system level, disable the Bluetooth functionality via...

CVE-2021-3752

A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to...

PT-2020-11391 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions 8.0 through 10 Description: The issue is related to a possible out of bounds write due to an incorrect bounds calculation in the Bluetooth stack, which could lead to remote code execution over Bluetooth with no additional...

qemu-kvm security, bug fix, and enhancement update

1.5.3-167.el7 - Reverting kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch bz1618503 - Resolves: bz1618503 qemu-kvm: Qemu: seccomp: blacklist is not applied to all threads rhel-7 1.5.3-166.el7 - kvm-seccomp-set-the-seccomp-filter-to-all-threads.patch bz1618503 - Resolves: bz1618503 qemu-kv...

Intel® Centrino® Wireless-N and Intel® Centrino® Advanced-N products Bluetooth Driver Advisory

Summary: A potential security vulnerability in ibtfltcoex.sys driver for Intel® Centrino® Wireless adapters may allow denial of service. Vulnerability Details: CVEID: CVE-2018-3669 Description: A STOP error BSoD in the ibtfltcoex.sys driver for Intel® Centrino® Wireless N and Intel® Centrino®...

PT-2006-7505 · Microsoft +2 · Windows Mobile +5

Name of the Vulnerable Software and Affected Versions: Widcomm Stack versions 3.x and earlier Widcomm BTStackServer versions 1.3.2.7 through 1.4.2.10 Widcomm Bluetooth Communication Software version 1.4.1.03 Bluetooth implementation on Windows Mobile or Windows CE on the HP IPAQ 2215 and 5450...