Search CVE reports
41 – 50 of 52 results
CVE-2016-9804
Negligible priorityIn BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of...
1 affected package
bluez
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| bluez | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2016-9803
Negligible priorityIn BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. This issue exists because 'subevent' (which is used to read correct element from 'ev_le_meta_str' array) is overflowed.
1 affected package
bluez
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| bluez | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2016-9802
Negligible priorityIn BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
1 affected package
bluez
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| bluez | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2016-9801
Negligible priorityIn BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file.
1 affected package
bluez
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| bluez | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2016-9800
Negligible priorityIn BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. The issue exists because "pin" array is overflowed by supplied parameter due to lack of boundary checks on size...
1 affected package
bluez
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| bluez | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2016-9799
Negligible priorityIn BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" function in "btsnoop.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.
1 affected package
bluez
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| bluez | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2016-9798
Negligible priorityIn BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
1 affected package
bluez
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| bluez | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2016-9797
Negligible priorityIn BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
1 affected package
bluez
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| bluez | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2008-2374
Low prioritysrc/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or...
3 affected packages
bluez, bluez-libs, bluez-utils
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| bluez | — | — | — | — | — |
| bluez-libs | — | — | — | — | — |
| bluez-utils | — | — | — | — | — |
CVE-2006-6899
Unknown priorityhidd in BlueZ (bluez-utils) before 2.25 allows remote attackers to obtain control of the (1) Mouse and (2) Keyboard Human Interface Device (HID) via a certain configuration of two HID (PSM) endpoints, operating as a server, aka HidAttack.
1 affected package
bluez-utils
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| bluez-utils | — | — | — | — | — |