CVE-2020-27153

2020-10-15T00:00:00
ID UB:CVE-2020-27153
Type ubuntucve
Reporter ubuntu.com
Modified 2020-10-15T00:00:00

Description

In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.

Bugs

  • <https://bugzilla.redhat.com/show_bug.cgi?id=1884817>

Notes

Author | Note
---|---
mdeslaur | per Red Hat, there is currently no known path to code execution as there is a small time window between the two calls to free(); as such, marking as low priority.