rpm package
opensuse/bluez&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/bluez&distro=openSUSE%20Tumbleweed
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-27349 | — | < 5.68-2.1 | 5.68-2.1 | May 3, 2024 | BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerab | ||
| CVE-2023-45866 | — | < 5.70-2.1 | 5.70-2.1 | Dec 8, 2023 | Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to | ||
| CVE-2022-0204 | Hig | 8.8 | < 5.65-3.1 | 5.65-3.1 | Mar 10, 2022 | A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service. | |
| CVE-2021-3588 | — | < 5.65-4.1 | 5.65-4.1 | Jun 10, 2021 | The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading. | ||
| CVE-2021-0129 | — | < 5.65-4.1 | 5.65-4.1 | Jun 9, 2021 | Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. | ||
| CVE-2016-9918 | Hig | 7.5 | < 5.65-4.1 | 5.65-4.1 | Dec 8, 2016 | In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash. | |
| CVE-2016-9801 | Med | 5.3 | < 5.65-4.1 | 5.65-4.1 | Dec 3, 2016 | In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file. |
- CVE-2023-27349May 3, 2024affected < 5.68-2.1fixed 5.68-2.1
BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerab
- CVE-2023-45866Dec 8, 2023affected < 5.70-2.1fixed 5.70-2.1
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to
- affected < 5.65-3.1fixed 5.65-3.1
A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.
- CVE-2021-3588Jun 10, 2021affected < 5.65-4.1fixed 5.65-4.1
The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.
- CVE-2021-0129Jun 9, 2021affected < 5.65-4.1fixed 5.65-4.1
Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
- affected < 5.65-4.1fixed 5.65-4.1
In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
- affected < 5.65-4.1fixed 5.65-4.1
In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file.