35 matches found
Astra Linux - vulnerability in bluez
In BlueZ before version 5.55, a double-free error was detected in the gatttool disconnect_cb routine from the shared/att.c file. A remote attacker could potentially cause a denial of service or code execution during service discovery, due to the redundant disconnect MGMT event...
MiracleLinux 8 : bluez-5.52-4.el8 (AXSA:2021-1921:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1921:02 advisory. bluez: double free in gatttool client disconnect callback handler in src/shared/att.c could lead to DoS or RCE (CVE-2020-27153) Tenable has extracted the...
EUVD-2020-19677
Malware in sbrugna...
Maxima Max Pro Power - BLE Traffic Replay (Unauthenticated)
Exploit Title: Maxima Max Pro Power - BLE Traffic Replay (Unauthenticated) Date: 13-Nov-2023 Exploit Author: Alok kumar, Cyberpwn Technologies Pvt. Ltd. Vendor Homepage: https://www.maximawatches.com Product Link: https://www.maximawatches.com/products/max-pro-power Firmware...
SUSE CVE-2020-27153
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event...
NewStart CGSL MAIN 6.02 : bluez Vulnerability (NS-SA-2022-0055)
The remote NewStart CGSL host, running version MAIN 6.02, has bluez packages installed that are affected by a vulnerability: - In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb routine from shared/att.c. A remote attacker could potentially cause a denial of service or cod...
Huawei EulerOS: Security Advisory for bluez (EulerOS-SA-2021-2573)
The remote host is missing an update for the Huawei EulerOS...
OESA-2021-1307 bluez security update
This package provides all utilities for use in Bluetooth applications. The BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A. Security Fixes: In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb routine from shared/att.c. A remote attacker could potentially cause ...
Ubuntu 16.04 ESM : BlueZ vulnerabilities (USN-4989-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4989-2 advisory. USN-4989-1 fixed several vulnerabilities in BlueZ. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the precedin...
Ubuntu 18.04 LTS / 20.04 LTS : BlueZ vulnerabilities (USN-4989-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4989-1 advisory. It was discovered that BlueZ incorrectly checked certain permissions when pairing. A local attacker could possibly use this issue to...
CentOS 8 : bluez (CESA-2021:1598)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:1598 advisory. - bluez: double free in gatttool client disconnect callback handler in src/shared/att.c could lead to DoS or RCE (CVE-2020-27153) Note that Nessus has not tested...
ALSA-2021:1598 Moderate: bluez security update
The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts (AlmaLinux), and pcmcia configuration files. Security Fixes: bluez: double free in gatttool client disconnect callback handler in src/shared/att.c...
EulerOS Virtualization for ARM 64 3.0.6.0 : bluez (EulerOS-SA-2021-1558)
According to the version of the bluez package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability: - In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb routine from shared/att.c. A remote attacker cou...
EulerOS 2.0 SP8 : bluez (EulerOS-SA-2020-2507)
According to the version of the bluez packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: - In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb routine from shared/att.c. A remote attacker could potentially cause a...
EulerOS 2.0 SP9 : bluez (EulerOS-SA-2020-2425)
According to the version of the bluez package installed, the EulerOS installation on the remote host is affected by the following vulnerability: - In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb routine from shared/att.c. A remote attacker could potentially cause a...
Arbitrary Code Execution
BlueZ is vulnerable to arbitrary code execution. A double free occurs in the gatttool disconnect_cb routine from shared/att.c, allowing a remote attacker to potentially cause a denial of service or execute arbitrary code on the host OS during service discovery...
CVE-2020-27153
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event. Mitigation: This flaw can be mitigated by only...
DEBIAN-CVE-2020-27153
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event...
CVE-2020-27153
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event...
ALPINE-CVE-2020-27153
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event...