Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, pair only capable devices OFFLOADS pairing using devcom is possible only on devices that support LAG. Filter based on lag capabilities. This fixes an issue where mlx5getnextnextphysdev was called without holdi...

CVE-2024-20889

The CVE-2024-20889 entry concerns Samsung Mobile devices (BLE) with improper authentication prior to SMR Jul-2024 Release 1, allowing adjacent attackers to pair with devices. Root cause: BLE pairing lacks proper authentication in affected builds. Impact: adjacent, unauthenticated pairing could en...

CVE-2022-25837

Bluetooth® Pairing in Bluetooth Core Specification v1.0B through v5.3 may permit an unauthenticated MITM to acquire credentials with two pairing devices via adjacent access when at least one device supports BR/EDR Secure Connections pairing and the other BR/EDR Legacy PIN code pairing if the MITM...

Fedora 33 : switchboard-plug-bluetooth (2021-3dedd41a06)

The remote Fedora 33 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2021-3dedd41a06 advisory. - Switchboard Bluetooth Plug for elementary OS from version 2.3.0 and before version version 2.3.5 has an incorrect authorization vulnerability. When the...

CVE-2020-10134

CVE-2020-10134 affects Bluetooth Core v5.2 and earlier. The vulnerability arises during pairing when an unauthenticated attacker can perform a man-in-the-middle by exploiting users completing two pairing procedures with the MITM using one peer’s confirmation as the other peer’s passkey. This can ...