CVE-2016-9918

Опубликовано: 08 дек. 2016

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. This issue can be triggered by processing a corrupted dump file and will result in btmon crash.

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00054.html
http://www.securityfocus.com/bid/95013
Third Party Advisory
VDB Entry
https://www.spinics.net/lists/linux-bluetooth/msg68898.html
Exploit
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00054.html
http://www.securityfocus.com/bid/95013
Third Party Advisory
VDB Entry
https://www.spinics.net/lists/linux-bluetooth/msg68898.html
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bluez_project:bluez:5.42:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00489

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2016-9918

CVSS3: 7.5

ubuntu

около 9 лет назад

CVE-2016-9918

CVSS3: 4.4

redhat

около 9 лет назад

CVE-2016-9918

CVSS3: 7.5

debian

около 9 лет назад

In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump ...

openSUSE-SU-2019:1198-1

suse-cvrf

почти 7 лет назад

Security update for bluez

SUSE-SU-2019:0841-1

suse-cvrf

почти 7 лет назад

Security update for bluez

EPSS

Процентиль: 65%

0.00489

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-125