CVE-2022-38983

The BT Hfp Client module has a Use-After-Free UAF vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution...

EUVD-2021-21712

Malware in sbrugna...

EUVD-2022-41529

Malicious code in bioql PyPI...

CVE-2023-21108

In sdpubuilduuidseq of sdpdiscovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2021-35068

Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can lead to a NULL pointer dereference in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables...

Out-of-bounds

In sdpubuilduuidseq of sdpdiscovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2023-21108

In sdpubuilduuidseq of sdpdiscovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2023-21108

CVE-2023-21108 affects Android 11–13 via the Bluetooth SDP discovery path: in sdpu_build_uuid_seq of sdp_discovery.cc, an out-of-bounds write caused by a use-after-free can lead to remote code execution if Hands Free Profile (HFP) is enabled. No user interaction is required. The vulnerability is ...

ASB-A-239414876

In sdpubuilduuidseq of sdpdiscovery.cc, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is enabled, with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-38983

The BT Hfp Client module has a Use-After-Free UAF vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution...

Design/Logic Flaw

The BT Hfp Client module has a Use-After-Free UAF vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution...

CVE-2022-38983

The BT Hfp Client module has a Use-After-Free UAF vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution...

CVE-2022-38983

The CVE-2022-38983 entry concerns a Use-After-Free (UAF) vulnerability in the Huawei HarmonyOS BT Hfp Client module. Multiple connected sources (Red Hat CVE, NVD/NVD record, CNVD/CNNVD, PRION) confirm this vulnerability in the BT Hfp Client, with potential for arbitrary code execution if exploite...

CVE-2022-38983

The BT Hfp Client module has a Use-After-Free UAF vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution...

Huawei HarmonyOS Memory Misreference Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. Huawei HarmonyOS is vulnerable to a memory mis-referencing vulnerability that stems from a confusion in the BT Hfp Client module's instructions for freeing memory. The vulnerability can be exploited by an attacker to potentially cause...

CVE-2022-22105

CVE-2022-22105 describes a memory corruption vulnerability in Bluetooth caused by an integer overflow when processing the HFP-UNIT profile. Affected are Qualcomm Snapdragon devices across multiple lines (Auto, Consumer IoT, Mobile, Voice & Music). Root cause: integer overflow in the HFP-UNIT hand...

Qualcomm 芯片输入验证错误漏洞

A Qualcomm chip is a chip from Qualcomm Incorporated USA. A way to miniaturize circuits mainly semiconductor devices, but also passive components, etc., and from time to time are manufactured on the surface of semiconductor wafers. The Qualcomm chip has an input validation error vulnerability tha...

CVE-2022-25651

Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

CVE-2022-25651

CVE-2022-25651 describes a memory corruption in the Bluetooth host due to an integer overflow when processing the BT HFP-UNIT profile on Qualcomm Snapdragon platforms (Auto, Consumer IoT, Industrial IoT, Mobile, and Voice & Music). The description identifies the root cause as an integer overflow ...

Null pointer dereference

Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can lead to a NULL pointer dereference in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables...