3 matches found
Unity Linux 20.1070e Security Update: bluez (UTSA-2025-680605)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680605 advisory. BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate paramslen. Tenable has...
CVE-2022-39176
BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate paramslen...
CVE-2017-9677
In all Qualcomm products with Android releases from CAF using the Linux kernel, in function msmcomprioctlshared, variable "ddp-paramslength" could be accessed and modified by multiple threads, while it is not protected with locks. If one thread is running, while another thread is setting data, ra...