CVE-2021-3588

Опубликовано: 10 июн. 2021

Источник: debian

Описание

The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
bluez	fixed	5.55-3.1		package
bluez	not-affected		buster	package
bluez	not-affected		stretch	package

Примечания

https://github.com/bluez/bluez/issues/70
https://bugs.launchpad.net/ubuntu/+source/bluez/+bug/1926548
Fixed by: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=3a40bef49305f8327635b81ac8be52a3ca063d5a (5.56)

Связанные уязвимости

CVE-2021-3588

CVSS3: 3.3

ubuntu

больше 4 лет назад

The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.

CVE-2021-3588

CVSS3: 3.3

redhat

около 5 лет назад

The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.

CVE-2021-3588

CVSS3: 3.3

nvd

больше 4 лет назад

The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.

CVE-2021-3588

CVSS3: 3.3

msrc

около 4 лет назад

Описание отсутствует

openSUSE-SU-2021:2459-1

suse-cvrf

больше 4 лет назад

Security update for bluez