CVE-2021-43400

Опубликовано: 04 нояб. 2021

Источник: ubuntu

Приоритет: medium

CVSS2: 6.4

CVSS3: 9.1

Описание

An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call.

Релиз	Статус	Примечание
bionic	released	5.48-0ubuntu3.6
devel	not-affected	5.62-0ubuntu1
esm-infra/bionic	released	5.48-0ubuntu3.6
esm-infra/focal	released	5.53-0ubuntu3.4
esm-infra/xenial	needed
focal	released	5.53-0ubuntu3.4
hirsute	released	5.56-0ubuntu4.3
impish	released	5.60-0ubuntu2.1
jammy	not-affected	5.62-0ubuntu1
kinetic	not-affected	5.62-0ubuntu1

Показывать по

Ссылки на источники

6.4 Medium

CVSS2

9.1 Critical

CVSS3

Связанные уязвимости

CVE-2021-43400

CVSS3: 9.1

redhat

больше 4 лет назад

An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call.

CVE-2021-43400

CVSS3: 9.1

nvd

больше 4 лет назад

An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call.

CVE-2021-43400

CVSS3: 9.1

debian

больше 4 лет назад

An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after- ...

GHSA-xgf8-98pj-cm5c

CVSS3: 9.1

github

больше 3 лет назад

An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call.

BDU:2022-03135

CVSS3: 9.1

fstec

больше 4 лет назад

Уязвимость компонента database.c стека протоколов Bluetooth для ОС Linux BlueZ, позволяющая нарушителю получить доступ к конфиденциальной информации

6.4 Medium

CVSS2

9.1 Critical

CVSS3

CVE-2021-43400

Описание

Пакет bluez

Ссылки на источники

Связанные уязвимости