Описание
The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | bluez | Out of support scope | ||
| Red Hat Enterprise Linux 7 | bluez | Out of support scope | ||
| Red Hat Enterprise Linux 8 | bluez | Affected | ||
| Red Hat Enterprise Linux 9 | bluez | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Low
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1970592bluez: out-of-bounds read in cli_feat_read_cb() in src/gatt-database.c
EPSS
Процентиль: 32%
0.00121
Низкий
3.3 Low
CVSS3
Связанные уязвимости
CVSS3: 3.3
ubuntu
больше 4 лет назад
The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.
CVSS3: 3.3
nvd
больше 4 лет назад
The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading.
CVSS3: 3.3
debian
больше 4 лет назад
The cli_feat_read_cb() function in src/gatt-database.c does not perfor ...
EPSS
Процентиль: 32%
0.00121
Низкий
3.3 Low
CVSS3