46 matches found
The vulnerability of the hci_unregister_dev() function (net/bluetooth/hci_core.c) in the Linux operating system’s Bluetooth kernel driver allows a attacker to cause a service failure.
The vulnerability of the hciunregisterdev function net/bluetooth/hcicore.c in the Linux operating system’s Bluetooth kernel driver is related to improper resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the sco_sock_timeout() function in the Linux operating system’s Bluetooth kernel implementation allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the scosocktimeout function in the net/bluetooth/sco.c module of the Linux operating system’s Bluetooth kernel implementation is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the iso_sock_timeout() function in the Linux operating system’s Bluetooth kernel implementation allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the isosocktimeout function in the net/bluetooth/iso.c module of the Linux operating system’s Bluetooth kernel implementation is related to the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality,...
The vulnerability of the HID Profile interface of the Bluetooth protocol stack for the Linux BlueZ operating system allows a perpetrator to execute arbitrary commands.
The vulnerability of the HID Profile interface of the Bluetooth protocol stack for the Linux BlueZ operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...
The vulnerability of the hci_req_syncComplete() function in the Linux operating system’s Bluetooth kernel allows a intruder to trigger a service failure.
The vulnerability of the hcireqsyncComplete function in the Linux operating system’s Bluetooth kernel relates to the lack of releasing the previous synchronization request state before assigning a reference to the new one. Exploiting this vulnerability can allow an attacker to cause a service...
The vulnerability of the l2cap_le_flowctl_init() function in the Linux kernel’s Bluetooth protocol implementation allows a attacker to cause a service failure.
The vulnerability of the l2capleflowctlinit function in the net/bluetooth/l2capcore.c module of the Linux operating system’s Bluetooth kernel implementation is related to the lack of input data validation. Exploiting this vulnerability could allow a remote attacker to cause service failures...
The vulnerability of the l2cap_connect() function in the Linux operating system’s Bluetooth kernel implementation allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the l2capconnect function in the net/bluetooth/l2capcore.c module of the Linux operating system’s Bluetooth kernel implementation is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an...
kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c
A flaw was found in l2capsockrelease in net/bluetooth/l2capsock.c in the Bluetooth subsystem in the Linux Kernel. This issue may allow a user to cause a use-after-free problem due to sk's children being mishandled...
The vulnerability of the hci_conn_getPhy function in the Linux operating system’s Bluetooth driver allows a hacker to cause a service failure.
The vulnerability of the hciconngetPhy function in the Linux operating system’s Bluetooth driver leads to a freeze. Exploiting this vulnerability can allow an attacker to cause service failures...
SUSE CVE-2024-24860
A race condition was found in the Linux kernel's bluetooth device driver in min,maxkeysizeset function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue...
DEBIAN-CVE-2024-21803
Use After Free vulnerability in Linux Linux kernel kernel on Linux, x86, ARM bluetooth modules allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/afbluetooth.C. This issue affects Linux kernel: fr...
The vulnerability of the btsdioremove() function in the drivers\bluetooth\btsdio.c driver of the Linux operating system’s Bluetooth kernel allows a attacker to cause a service failure.
The vulnerability of the btsdioremove function in the drivers\bluetooth\btsdio.c driver of the Linux operating system’s Bluetooth kernel relates to the reutilization of previously freed memory due to a race condition. Exploiting this vulnerability could allow an attacker to cause a service failur...
DEBIAN-CVE-2023-1989
A use-after-free flaw was found in btsdioremove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdioremove with an unfinished job, may cause a race problem leading to a UAF on hdev devices...
The vulnerability of the hci_conn_hash_flush() function in the net/bluetooth/hci_conn.c module of the Linux operating system allows a malicious actor to increase their privileges.
The vulnerability of the hciconnhashflush function in the net/bluetooth/hciconn.c module of the Linux operating system is related to the repeated release of previously released memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Linux operating system’s Bluetooth driver allows attackers to gain increased privileges.
The vulnerability of the Linux operating system’s Bluetooth driver kernel is related to errors during authentication processes. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...
[SECURITY] [DSA 4951-1] bluez security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4951-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 07, 2021 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4951-1] bluez security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4951-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 07, 2021 https://www.debian.org/security/faq -...
kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan
A use-after-free flaw was found in hcisendacl in the bluetooth host controller interface HCI in Linux kernel, where a local attacker with an access rights could cause a denial of service problem on the system The issue results from the object hchan, freed in hcidisconnloglinkcompleteevt, yet stil...
Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices
Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the...
The vulnerabilities of the functions hci_uart_register_dev() and hci_uart_set_proto() in the Linux operating system allow attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerabilities of the functions hciuartregisterdev and hciuartsetproto drivers/bluetooth/hcildisc.c in the Linux operating system are related to the use of memory after it is freed. Exploiting these vulnerabilities could allow an attacker to compromise the confidentiality, integrity, and...