rpm package
suse/bluez&distro=SUSE Linux Enterprise Server 12 SP3-BCL
pkg:rpm/suse/bluez&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-8922 | Hig | 8.8 | < 5.13-5.26.1 | 5.13-5.26.1 | Nov 29, 2021 | A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to th | |
| CVE-2019-8921 | Med | 6.5 | < 5.13-5.31.1 | 5.13-5.31.1 | Nov 29, 2021 | An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting | |
| CVE-2020-0556 | — | < 5.13-5.23.1 | 5.13-5.23.1 | Mar 12, 2020 | Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access | ||
| CVE-2016-9803 | Med | 5.3 | < 5.13-5.31.1 | 5.13-5.31.1 | Dec 3, 2016 | In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. This issue exists because 'subevent' (which is used to read correct element from 'ev_le_meta_str' array) is overflowed. |
- affected < 5.13-5.26.1fixed 5.13-5.26.1
A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. The function simply appends all data passed to it. The values of all attributes that are requested are appended to th
- affected < 5.13-5.31.1fixed 5.13-5.31.1
An issue was discovered in bluetoothd in BlueZ through 5.48. The vulnerability lies in the handling of a SVC_ATTR_REQ by the SDP implementation. By crafting a malicious CSTATE, it is possible to trick the server into returning more bytes than the buffer actually holds, resulting
- CVE-2020-0556Mar 12, 2020affected < 5.13-5.23.1fixed 5.13-5.23.1
Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access
- affected < 5.13-5.31.1fixed 5.13-5.31.1
In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. This issue exists because 'subevent' (which is used to read correct element from 'ev_le_meta_str' array) is overflowed.