Описание
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20938.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 5.79-1 |
| esm-infra/bionic | needs-triage | |
| esm-infra/focal | not-affected | 5.53-0ubuntu3.9 |
| esm-infra/xenial | needs-triage | |
| focal | released | 5.53-0ubuntu3.9 |
| jammy | released | 5.64-0ubuntu1.4 |
| noble | not-affected | 5.72-0ubuntu5 |
| oracular | not-affected | 5.77-0ubuntu1 |
| plucky | not-affected | 5.79-1 |
| upstream | released | 5.70-1 |
Показывать по
EPSS
7.1 High
CVSS3
Связанные уязвимости
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20938.
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20938.
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code ...
BlueZ Phone Book Access Profile Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious Bluetooth device. The specific flaw exists within the handling of the Phone Book Access profile. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20938.
Уязвимость компонента Phone Book Access стека протоколов Bluetooth для ОС Linux BlueZ, позволяющая нарушителю выполнять произвольный код
EPSS
7.1 High
CVSS3