32 matches found
Astra Linux - vulnerability in bluez
An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free condition can occur when a client disconnects during D-Bus processing of a WriteValue call...
Astra Linux - vulnerability in bluez
The cli_feat_read_cb function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading...
Unity Linux 20.1070e Security Update: bluez (UTSA-2025-680645)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680645 advisory. An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call. Tenable...
Linux Distros Unpatched Vulnerability : CVE-2021-43400
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call...
SUSE CVE-2021-3588
The cli_feat_read_cb function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading...
SUSE CVE-2021-43400
An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call...
Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2023-1090)
The remote host is missing an update for the Huawei EulerOS...
SUSE: Security Advisory (SUSE-SU-2022:3981-1)
The remote host is missing an update for the...
SUSE SLED15 / SLES15 Security Update : bluez (SUSE-SU-2022:3981-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3981-1 advisory. - bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and...
OESA-2022-2047 bluez security update
This package provides all utilities for use in Bluetooth applications. The BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A. Security Fixes: An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a...
EulerOS Virtualization 3.0.6.6 : bluez (EulerOS-SA-2022-2488)
According to the versions of the bluez packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP...
CVE-2022-20222
In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID...
CVE-2022-20222
In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-12 Android-12L. Android ID...
PT-2022-14446
Name of the Vulnerable Software and Affected Versions: Android versions Android-12 through Android-12L. Description: The issue is related to a missing bounds check in the read_attr_value function of gatt_db.cc, which could lead to a possible out of bounds write. This might result in remote code...
EulerOS 2.0 SP3 : bluez (EulerOS-SA-2022-1707)
According to the versions of the bluez packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By...
EulerOS Virtualization 3.0.2.0 : bluez (EulerOS-SA-2022-1687)
According to the versions of the bluez package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough...
EulerOS Virtualization 2.9.1 : bluez (EulerOS-SA-2022-1604)
According to the versions of the bluez package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus...
Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2022-1444)
The remote host is missing an update for the Huawei EulerOS...
OESA-2022-1527 bluez security update
This package provides all utilities for use in Bluetooth applications. The BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A. Security Fixes: An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a...
Updated bluez packages fix security vulnerability
BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object...