CVE-2022-0204

Опубликовано: 12 нояб. 2021

Источник: redhat

CVSS3: 6.8

EPSS Низкий

Описание

A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.

A heap overflow vulnerability was found in bluez. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	bluez	Not affected
Red Hat Enterprise Linux 7	bluez	Not affected
Red Hat Enterprise Linux 8	bluez	Not affected
Red Hat Enterprise Linux 9	bluez	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-190

https://bugzilla.redhat.com/show_bug.cgi?id=2039807bluez: heap-based buffer overflow in the implementation of the gatt protocol

EPSS

Процентиль: 15%

0.0005

Низкий

6.8 Medium

CVSS3

Связанные уязвимости

CVE-2022-0204

CVSS3: 8.8

ubuntu

почти 4 года назад

CVE-2022-0204

CVSS3: 8.8

nvd

почти 4 года назад

CVE-2022-0204

CVSS3: 8.8

debian

почти 4 года назад

A heap overflow vulnerability was found in bluez in versions prior to ...

SUSE-SU-2022:3247-1

suse-cvrf

больше 3 лет назад

Security update for bluez

SUSE-SU-2022:2883-1

suse-cvrf

больше 3 лет назад

Security update for bluez

EPSS

Процентиль: 15%

0.0005

Низкий

6.8 Medium

CVSS3