PT-2016-7827 · Bluez+2 · Bluez+2
Op7Ic \\X00
·
Publicado
2016-10-30
·
Atualizado
2016-12-07
·
CVE-2016-9799
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
BlueZ version 5.42
Description
A buffer overflow issue was found in the
pklg read hci function in the btsnoop.c source file. This issue can be triggered by processing a corrupted dump file, resulting in a btmon crash.Recommendations
For BlueZ version 5.42, as a temporary workaround, consider disabling the
pklg read hci function until a patch is available. Avoid processing corrupted dump files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Bluez
Debian