Page 3 of 29 results (0.016 seconds)

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 1

CVE-2021-3588 – memory contents disclosure in cli_feat_read_cb

https://notcve.org/view.php?id=CVE-2021-3588

The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading. La función cli_feat_read_cb() en src/gatt-database.c no realiza comprobaciones de límites en la variable 'offset' antes de utilizarla como índice en un array para su lectura • https://github.com/bluez/bluez/issues/70 https://security.gentoo.org/glsa/202209-16 • CWE-125: Out-of-bounds Read CWE-788: Access of Memory Location After End of Buffer •

CVSS: 6.4EPSS: 0%CPEs: 12EXPL: 0

CVE-2021-0129 – kernel: Improper access control in BlueZ may allow information disclosure vulnerability.

https://notcve.org/view.php?id=CVE-2021-0129

Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. Un control de acceso inapropiado en BlueZ puede permitir a un usuario autenticado permitir potencialmente una divulgación de información por medio de un acceso adyacente A flaw was found in the Linux kernel. Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. The highest threat from this vulnerability is to data confidentiality and integrity. • https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html https://security.gentoo.org/glsa/202209-16 https://security.netapp.com/advisory/ntap-20210716-0002 https://www.debian.org/security/2021/dsa-4951 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html https://access.redhat.com/security/cve/CVE-2021& • CWE-287: Improper Authentication •

CVSS: 8.8EPSS: 5%CPEs: 5EXPL: 0

CVE-2020-27153 – bluez: double free in gatttool client disconnect callback handler in src/shared/att.c could lead to DoS or RCE

https://notcve.org/view.php?id=CVE-2020-27153

In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event. En BlueZ versiones anteriores a 5.55, se encontró una doble liberación en la rutina disconnect_cb() de gatttool del archivo shared/att.c. Un atacante remoto podría potencialmente causar una denegación de servicio o una ejecución de código, durante la detección del servicio, debido a un evento MGMT de desconexión redundante • http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00036.html https://bugzilla.redhat.com/show_bug.cgi?id=1884817 https://github.com/bluez/bluez/commit/1cd644db8c23a2f530ddb93cebed7dacc5f5721a https://github.com/bluez/bluez/commit/5a180f2ec9edfacafd95e5fed20d36fe8e077f07 https://lists.debian.org/debian-lts-announce/2020/10/msg00022.html https://security.gentoo.org/glsa/202011-01 https://www.debian.org/security/2021/dsa-4951& • CWE-415: Double Free CWE-416: Use After Free •

CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0

CVE-2020-0556 – bluez: Improper access control in subsystem could result in privilege escalation and DoS

https://notcve.org/view.php?id=CVE-2020-0556

Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access El control de acceso incorrecto en el subsistema para BlueZ anterior a la versión 5.54 puede permitir que un usuario no autenticado permita potencialmente la escalada de privilegios y la denegación de servicio a través del acceso adyacente • http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00055.html https://lists.debian.org/debian-lts-announce/2020/06/msg00008.html https://security.gentoo.org/glsa/202003-49 https://usn.ubuntu.com/4311-1 https://www.debian.org/security/2020/dsa-4647 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00352.html https://access.redhat.com/security/cve/CVE-2020-0556 https • CWE-266: Incorrect Privilege Assignment •

CVSS: 4.5EPSS: 0%CPEs: 2EXPL: 1

CVE-2018-10910 – bluez: failure in disabling Bluetooth discoverability in certain cases may lead to the unauthorized pairing of Bluetooth devices

https://notcve.org/view.php?id=CVE-2018-10910

A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable. Un fallo en Bluez podría permitir al estado "Bluetooth Disponible" establecerse en "activo" cuando no hay ningún agente Bluetooth registrado con el sistema. Esto podría provocar el emparejamiento no autorizado de determinados dispositivos Bluetooth sin ningún tipo de autenticación. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10910 https://usn.ubuntu.com/3856-1 https://access.redhat.com/security/cve/CVE-2018-10910 https://bugzilla.redhat.com/show_bug.cgi?id=1606203 • CWE-863: Incorrect Authorization •