PT-2016-7827 · Bluez+2 · Bluez+2
Op7Ic \\X00
·
Published
2016-10-30
·
Updated
2016-12-07
·
CVE-2016-9799
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
BlueZ version 5.42
Description
A buffer overflow issue was found in the
pklg read hci function in the btsnoop.c source file. This issue can be triggered by processing a corrupted dump file, resulting in a btmon crash.Recommendations
For BlueZ version 5.42, as a temporary workaround, consider disabling the
pklg read hci function until a patch is available. Avoid processing corrupted dump files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Bluez
Debian