PT-2020-4304 · Linux+6 · Bluez+6

Andy Nguyen

·

Published

2020-02-06

·

Updated

2025-01-27

·

CVE-2020-12351

CVSS v3.1

8.8

High

VectorAV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: BlueZ (affected versions not specified)
Description: The issue is related to improper input validation in BlueZ, which may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. This vulnerability can be exploited by sending specially crafted Bluetooth packets, potentially allowing a remote attacker to execute arbitrary code with Linux kernel privileges. The vulnerability is also known as BleedingTooth.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Access Control

Information Disclosure

Type Confusion

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2020-1145
ALT-PU-2020-1251
ALT-PU-2020-2164
ALT-PU-2020-3069
ALT-PU-2020-3076
ALT-PU-2020-3470
ALT-PU-2020-3536
ALT-PU-2020-3553
ALT-PU-2020-3556
ALT-PU-2021-1093
ALT-PU-2021-1128
ALT-PU-2021-1211
BDU:2020-04797
BDU:2020-04798
CESA-2020_4286
CESA-2020_4289
CVE-2020-12351
DLA-2417-1
DLA-2420-1
DLA-2420-2
DSA-4774-1
LSN-0073-1
MGASA-2020-0392
OPENSUSE-SU-2020:1682-1
OPENSUSE-SU-2020:1698-1
OPENSUSE-SU-2020:2112-1
OPENSUSE-SU-2020_1682-1
OPENSUSE-SU-2020_1698-1
OPENSUSE-SU-2020_2112-1
OPENSUSE-SU-2021:0242-1
OPENSUSE-SU-2021_0242-1
OPENSUSE-SU-2024:10728-1
OPENSUSE-SU-2024:11370-1
OPENSUSE-SU-2024:11371-1
OPENSUSE-SU-2024:13704-1
RHSA-2020:4276
RHSA-2020:4277
RHSA-2020:4278
RHSA-2020:4279
RHSA-2020:4280
RHSA-2020:4281
RHSA-2020:4286
RHSA-2020:4287
RHSA-2020:4288
RHSA-2020:4289
RHSA-2020:4685
RHSA-2020:4686
RHSA-2020_4276
RHSA-2020_4280
RHSA-2020_4286
RHSA-2020_4289
SUSE-FU-2022:4496-1
SUSE-SU-2020:2972-1
SUSE-SU-2020:2980-1
SUSE-SU-2020:2981-1
SUSE-SU-2020:3281-1
SUSE-SU-2020:3389-1
SUSE-SU-2020:3400-1
SUSE-SU-2020:3402-1
SUSE-SU-2020:3441-1
SUSE-SU-2020:3449-1
SUSE-SU-2020:3484-1
SUSE-SU-2020:3491-1
SUSE-SU-2020:3512-1
SUSE-SU-2020:3513-1
SUSE-SU-2020:3522-1
SUSE-SU-2020:3532-1
SUSE-SU-2020:3544-1
SUSE-SU-2020_2972-1
SUSE-SU-2020_2980-1
SUSE-SU-2020_2981-1
SUSE-SU-2020_3389-1
SUSE-SU-2020_3402-1
USN-4591-1
USN-4592-1
USN-7179-1
USN-7179-2
USN-7179-3
USN-7179-4
USN-7183-1
USN-7186-1
USN-7186-2
USN-7194-1

Affected Products

Alt Linux
Bluez
Centos
Linuxmint
Red Hat
Suse
Ubuntu