Lucene search
+L

39 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/25 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2025-39860

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: Fix use-after-free in l2capsockcleanuplisten syzbot reported the splat below without a repro. In the splat, a single thread calling btacceptdequeue...

7.8CVSS7AI score0.00152EPSS
Exploits0References3
OSV
OSV
added 2025/09/18 2:15 p.m.1 views

DEBIAN-CVE-2022-50386

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2capchanholdunlesszero after calling l2capgetchanblah to prevent the following trace: Bluetooth: l2capcore.c:static void l2capchandestroystruct kref kref Bluetooth: chan...

8CVSS5.8AI score0.0033EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a post-release reuse issue in l2caplecommandrej...

7.8CVSS6AI score0.0015EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/07/28 12:0 a.m.5 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference in the l2capsockresumecb function...

5.5CVSS6.9AI score0.00156EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2025/06/23 8:39 a.m.7 views

CVE-2025-5477

Sony XAV-AX8500 Bluetooth L2CAP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicious Bluetooth devi...

7.5CVSS8.2AI score0.00325EPSS
Exploits0References1
NVD
NVD
added 2025/06/21 1:15 a.m.8 views

CVE-2025-5477

Sony XAV-AX8500 Bluetooth L2CAP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicious Bluetooth devi...

7.5CVSS0.00325EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2025/06/11 12:0 a.m.8 views

(Pwn2Own) Sony XAV-AX8500 Bluetooth L2CAP Protocol Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sony XAV-AX8500 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists within the...

7.5CVSS7.5AI score0.00325EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.2 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Do not leave a dangling sk pointer after an error in l2capsockcreate. The btsockalloc function allocates the sk object and attaches it to the provided sock object. If an error occurs in l2capsockalloc, the sk...

7.8CVSS6.4AI score0.00236EPSS
Exploits0References3
OSV
OSV
added 2024/10/21 6:15 p.m.11 views

UBUNTU-CVE-2024-49950

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix uaf in l2capconnect Syzbot reported BUG: KASAN: slab-use-after-free in l2capconnect.constprop.0+0x10d8/0x1270 net/bluetooth/l2capcore.c:3949 Read of size 8 at addr ffff8880241e9800 by task kworker/u9:0/54 CP...

7.8CVSS6.3AI score0.00262EPSS
Exploits0References47
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.3 views

PT-2023-33271 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.161 Description: The issue is related to a potential security vulnerability in the Bluetooth L2CAP protocol, specifically an u8 overflow. The actual impact and attack plausibility have not yet been proven...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.1 views

PT-2023-33079 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.15 Description: The issue is related to a potential security vulnerability in the Bluetooth L2CAP protocol, specifically an u8 overflow. The actual impact and attack plausibility have not yet been proven...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.3 views

PT-2022-36358 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 5.10.135 through 5.10.153 Description: A use-after-free issue exists in the l2cap conn del function of the Bluetooth L2CAP protocol. The actual impact and attack plausibility have not yet been proven. Recommendations: Fo...

7.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/14 12:0 a.m.5 views

PT-2022-35827 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.296 Description: The issue is related to a user-after-free problem in the Bluetooth L2CAP protocol. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

7.1AI score
Exploits0References1
NVD
NVD
added 2022/11/11 4:15 a.m.24 views

CVE-2022-41873

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to 4.9 are vulnerable to an Out-of-bounds read. While processing the L2CAP protocol, the Bluetooth Low Energy stack of Contiki-NG needs to map an incoming channel ID to its metadata...

5.4CVSS0.00248EPSS
Exploits0References2
Prion
Prion
added 2022/11/11 4:15 a.m.19 views

Out-of-bounds

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to 4.9 are vulnerable to an Out-of-bounds read. While processing the L2CAP protocol, the Bluetooth Low Energy stack of Contiki-NG needs to map an incoming channel ID to its metadata...

4.8CVSS5.5AI score0.00248EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2022/11/11 12:0 a.m.13 views

CVE-2022-41873 Out-of-bounds read and write in BLE L2CAP module

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. Versions prior to 4.9 are vulnerable to an Out-of-bounds read. While processing the L2CAP protocol, the Bluetooth Low Energy stack of Contiki-NG needs to map an incoming channel ID to its metadata...

4.2CVSS6.7AI score0.00248EPSS
Exploits0References4
OSV
OSV
added 2013/03/15 8:55 p.m.4 views

DEBIAN-CVE-2012-6544

The Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the 1 L2CAP or 2 HCI implementation...

1.9CVSS5.5AI score0.00368EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2011/08/23 12:0 a.m.7 views

PT-2011-3903 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.0 Description: The issue is caused by an integer underflow in the l2cap config req function, which can lead to a denial of service due to heap memory corruption or possibly have other unspecified impacts. This...

8.3CVSS7.5AI score0.01974EPSS
Exploits8References53
RedHat Linux
RedHat Linux
added 2010/08/17 3:52 p.m.8 views

kernel: bluetooth: potential bad memory access with sysfs files

Linux kernel 2.6.18 through 2.6.33, and possibly other versions, allows remote attackers to cause a denial of service memory corruption via a large number of Bluetooth sockets, related to the size of sysfs files in 1 net/bluetooth/l2cap.c, 2 net/bluetooth/rfcomm/core.c, 3...

7.1CVSS5.9AI score0.02979EPSS
Exploits1References4
Rows per page
Query Builder