5 matches found
EulerOS 2.0 SP10 : bluez (EulerOS-SA-2022-1657)
According to the versions of the bluez package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a...
BlueZ Resource Management Error Vulnerability
BlueZ is a Bluetooth protocol stack written in C, which is primarily used to provide support for the core Bluetooth layer and protocol. A resource management error vulnerability exists in BlueZ, which stems from the failure of the D-Bus in the product's gatt-database.c file to properly handle...
Design/Logic Flaw
An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call...
CVE-2021-43400
CVE-2021-43400 affects BlueZ (BlueZ 5.61) in the gatt-database.c component. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call, potentially enabling memory corruption. The issue is documented across multiple advisories (Astra Linux, Debian LTS/DLA li...
CVE-2021-3588
CVE-2021-3588 affects BlueZ (BlueZ Bluetooth stack). The issue is in cli_feat_read_cb() in src/gatt-database.c where bounds checks on offset are missing before indexing an array, potentially exposing memory contents. Multiple advisories indicate downstream risk and mitigation via upgrading BlueZ ...