BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability
Description
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device.
The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20938.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
32- osv-coords30 versionspkg:rpm/almalinux/bluezpkg:rpm/almalinux/bluez-cupspkg:rpm/almalinux/bluez-libspkg:rpm/almalinux/bluez-libs-develpkg:rpm/almalinux/bluez-obexdpkg:rpm/opensuse/bluez&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/bluez&distro=openSUSE%20Leap%20Micro%205.3pkg:rpm/opensuse/bluez&distro=openSUSE%20Leap%20Micro%205.4pkg:rpm/suse/bluez&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP5pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5pkg:rpm/suse/bluez&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/bluez&distro=SUSE%20Manager%20Server%204.3
< 5.72-2.el9+ 29 more
- (no CPE)range: < 5.72-2.el9
- (no CPE)range: < 5.72-2.el9
- (no CPE)range: < 5.72-2.el9
- (no CPE)range: < 5.72-2.el9
- (no CPE)range: < 5.72-2.el9
- (no CPE)range: < 5.65-150500.3.6.1
- (no CPE)range: < 5.62-150400.4.19.1
- (no CPE)range: < 5.62-150400.4.19.1
- (no CPE)range: < 5.55-150300.3.28.1
- (no CPE)range: < 5.48-150000.5.54.1
- (no CPE)range: < 5.48-150200.13.30.1
- (no CPE)range: < 5.55-150300.3.28.1
- (no CPE)range: < 5.62-150400.4.19.1
- (no CPE)range: < 5.62-150400.4.19.1
- (no CPE)range: < 5.62-150400.4.19.1
- (no CPE)range: < 5.62-150400.4.19.1
- (no CPE)range: < 5.65-150500.3.6.1
- (no CPE)range: < 5.65-150500.3.6.1
- (no CPE)range: < 5.65-150500.3.6.1
- (no CPE)range: < 5.48-150000.5.54.1
- (no CPE)range: < 5.48-150200.13.30.1
- (no CPE)range: < 5.55-150300.3.28.1
- (no CPE)range: < 5.62-150400.4.19.1
- (no CPE)range: < 5.48-150000.5.54.1
- (no CPE)range: < 5.48-150200.13.30.1
- (no CPE)range: < 5.55-150300.3.28.1
- (no CPE)range: < 5.62-150400.4.19.1
- (no CPE)range: < 5.65-150500.3.6.1
- (no CPE)range: < 5.62-150400.4.19.1
- (no CPE)range: < 5.62-150400.4.19.1
Patches
Vulnerability mechanics
References
2- github.com/bluez/bluez/commit/5ab5352531a9cc7058cce569607f3a6831464443mitrevendor-advisory
- www.zerodayinitiative.com/advisories/ZDI-23-1812/mitrex_research-advisory
News mentions
0No linked articles in our index yet.