6 matches found
Astra Linux – Vulnerability in bluez
Before version 5.59 of BlueZ, physically nearby attackers could obtain sensitive information because the parameters in the profiles/audio/avrcp.c files were not validated for their length...
CLSA-2026-1777541445 bluez: Fix of 3 CVEs
CVE-2022-0204: fix heap overflow when appending prepare writes in gatt-server - CVE-2022-39176: fix not checking paramslen in AVRCP vendordep PDU handling - CVE-2022-39177: fix accepting invalid/malformed capabilities in AVDTP...
DEBIAN-CVE-2022-39176
BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate paramslen...
UBUNTU-CVE-2022-39176
BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate paramslen...
CVE-2022-35506
TripleCross v0.1.0 was discovered to contain a stack overflow which occurs because there is no limit to the length of program parameters...
CVE-2017-9677
In all Qualcomm products with Android releases from CAF using the Linux kernel, in function msmcomprioctlshared, variable "ddp-paramslength" could be accessed and modified by multiple threads, while it is not protected with locks. If one thread is running, while another thread is setting data, ra...