8.8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.5 High
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
69.8%
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-based buffer overflow. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-24490)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 18.04 | noarch | linux-image-5.0.0-1070-oem-osp1 | <Β 5.0.0-1070.76 | UNKNOWN |
Ubuntu | 18.04 | noarch | kernel-signed-image-5.0.0-1070-oem-osp1-di | <Β 5.0.0-1070.76 | UNKNOWN |
Ubuntu | 18.04 | noarch | linux-image-5.0.0-1070-oem-osp1-dbgsym | <Β 5.0.0-1070.76 | UNKNOWN |
Ubuntu | 18.04 | noarch | linux-image-5.3.0-1036-raspi2 | <Β 5.3.0-1036.38 | UNKNOWN |
Ubuntu | 18.04 | noarch | linux-buildinfo-5.3.0-1036-raspi2 | <Β 5.3.0-1036.38 | UNKNOWN |
Ubuntu | 18.04 | noarch | linux-headers-5.3.0-1036-raspi2 | <Β 5.3.0-1036.38 | UNKNOWN |
Ubuntu | 18.04 | noarch | linux-image-5.3.0-1036-raspi2-dbgsym | <Β 5.3.0-1036.38 | UNKNOWN |
Ubuntu | 18.04 | noarch | linux-modules-5.3.0-1036-raspi2 | <Β 5.3.0-1036.38 | UNKNOWN |
Ubuntu | 18.04 | noarch | linux-raspi2-5.3-headers-5.3.0-1036 | <Β 5.3.0-1036.38 | UNKNOWN |
Ubuntu | 18.04 | noarch | linux-raspi2-5.3-tools-5.3.0-1036 | <Β 5.3.0-1036.38 | UNKNOWN |
8.8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.5 High
AI Score
Confidence
High
5.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
69.8%