Denial Of Service (DoS)

2022-02-0818:17:38

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

8.8 High

CVSS3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

5.8 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:P/I:P/A:P

JSON

bluez is vulnerable to denial of service. The vulnerability exists due to a heap overflow which allows attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.

CPENameOperatorVersion
bluez:develeq5.54-0ubuntu1
bluez:develeq5.55-0ubuntu3
bluez:develeq5.55-0ubuntu3.1
bluez:develeq5.55-0ubuntu1
bluez:develeq5.56-0ubuntu2
bluez:bioniceq5.48-0ubuntu3
bluez:bioniceq5.48-0ubuntu3.4
bluez:bioniceq5.48-0ubuntu3.5
bluez:focaleq5.53-0ubuntu3
bluez:sideq5.55-1

Name	Operator	Version
bluez:devel	eq	5.54-0ubuntu1
bluez:devel	eq	5.55-0ubuntu3
bluez:devel	eq	5.55-0ubuntu3.1
bluez:devel	eq	5.55-0ubuntu1
bluez:devel	eq	5.56-0ubuntu2
bluez:bionic	eq	5.48-0ubuntu3
bluez:bionic	eq	5.48-0ubuntu3.4
bluez:bionic	eq	5.48-0ubuntu3.5
bluez:focal	eq	5.53-0ubuntu3
bluez:sid	eq	5.55-1