0.001 Low
EPSS
Percentile
29.4%
bluez is vulnerable to denial of service attacks. The vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed eventually causing a memory leak.
sdp_cstate_alloc_buf
github.com/bluez/bluez/security/advisories/GHSA-3fqg-r8j5-f5xq
lists.debian.org/debian-lts-announce/2021/11/msg00022.html
lists.debian.org/debian-lts-announce/2022/10/msg00026.html
security-tracker.debian.org/tracker/CVE-2021-41229
security.netapp.com/advisory/ntap-20211203-0004/