Unrated severityNVD Advisory· Published Jun 10, 2021· Updated Sep 16, 2024
memory contents disclosure in cli_feat_read_cb
CVE-2021-3588
Description
The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- osv-coords5 versionspkg:rpm/opensuse/bluez&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/bluez&distro=openSUSE%20Tumbleweedpkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP3pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3
< 5.55-3.6.1+ 4 more
- (no CPE)range: < 5.55-3.6.1
- (no CPE)range: < 5.65-4.1
- (no CPE)range: < 5.55-3.6.1
- (no CPE)range: < 5.55-3.6.1
- (no CPE)range: < 5.55-3.6.1
Patches
Vulnerability mechanics
References
2- security.gentoo.org/glsa/202209-16mitrevendor-advisoryx_refsource_GENTOO
- github.com/bluez/bluez/issues/70mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.