Skip to main content

Bluez

27 CVEs product

Monthly

CVE-2024-8805 HIGH This Week

BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Bluez
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2022-3637 MEDIUM PATCH This Month

A vulnerability has been found in Linux Kernel and classified as problematic. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Denial Of Service Bluez
NVD VulDB
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-3563 MEDIUM PATCH This Month

A vulnerability classified as problematic has been found in Linux Kernel. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity.

Linux Denial Of Service Bluez
NVD VulDB
CVSS 3.1
5.7
EPSS
0.4%
CVE-2022-39177 HIGH PATCH This Week

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Bluez Ubuntu Linux Debian Linux
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2022-39176 HIGH PATCH This Week

BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Bluez Ubuntu Linux Debian Linux
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2022-0204 HIGH POC PATCH This Week

A heap overflow vulnerability was found in bluez in versions prior to 5.63. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Bluez Fedora Debian Linux
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2021-3658 MEDIUM PATCH This Month

bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Bluez Fedora
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2019-8922 HIGH POC This Week

A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Bluez Debian Linux
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2019-8921 MEDIUM POC This Month

An issue was discovered in bluetoothd in BlueZ through 5.48. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bluez Debian Linux
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2021-41229 MEDIUM POC This Month

BlueZ is a Bluetooth protocol stack for Linux. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Bluez Debian Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
1.1%
CVE-2021-43400 CRITICAL PATCH Act Now

An issue was discovered in gatt-database.c in BlueZ 5.61. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure Bluez Debian Linux
NVD
CVSS 3.1
9.1
EPSS
1.5%
CVE-2021-3588 LOW POC Monitor

The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Bluez
NVD GitHub
CVSS 3.1
3.3
EPSS
0.4%
CVE-2021-0129 MEDIUM This Month

Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Bluez Enterprise Linux Debian Linux
NVD
CVSS 3.1
5.7
EPSS
0.8%
CVE-2020-27153 HIGH PATCH This Week

In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service RCE Bluez Debian Linux Leap
NVD GitHub VulDB
CVSS 3.1
8.6
EPSS
1.9%
CVE-2020-0556 HIGH PATCH This Week

Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Privilege Escalation Bluez Ubuntu Linux Debian Linux +1
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2017-1000250 MEDIUM POC THREAT This Month

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 34.3%.

Information Disclosure Bluez
NVD
CVSS 3.0
6.5
EPSS
34.3%
CVE-2016-7837 HIGH PATCH This Week

Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Bluez
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2016-9918 HIGH POC This Week

In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Bluez
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-9917 HIGH POC This Week

In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2016-9804 MEDIUM POC This Month

In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2016-9803 MEDIUM POC This Month

In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2016-9802 MEDIUM POC This Month

In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
CVSS 3.0
5.3
EPSS
0.5%
CVE-2016-9801 MEDIUM POC This Month

In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2016-9800 MEDIUM POC This Month

In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2016-9799 MEDIUM POC This Month

In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" function in "btsnoop.c" source file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
CVSS 3.0
5.3
EPSS
0.5%
CVE-2016-9798 MEDIUM POC This Month

In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Use After Free Bluez
NVD
CVSS 3.0
5.3
EPSS
0.5%
CVE-2016-9797 MEDIUM POC This Month

In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
CVSS 3.0
5.3
EPSS
0.5%
EPSS 2% CVSS 8.8
HIGH This Week

BlueZ HID over GATT Profile Improper Access Control Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Bluez
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

A vulnerability has been found in Linux Kernel and classified as problematic. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Linux Denial Of Service Bluez
NVD VulDB
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

A vulnerability classified as problematic has been found in Linux Kernel. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity.

Linux Denial Of Service Bluez
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Bluez Ubuntu Linux +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Bluez Ubuntu Linux +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH POC PATCH This Week

A heap overflow vulnerability was found in bluez in versions prior to 5.63. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Bluez +2
NVD GitHub VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered down, and restores it when powered up. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass Bluez Fedora
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH POC This Week

A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Bluez +1
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM POC This Month

An issue was discovered in bluetoothd in BlueZ through 5.48. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bluez Debian Linux
NVD VulDB
EPSS 1% CVSS 6.5
MEDIUM POC This Month

BlueZ is a Bluetooth protocol stack for Linux. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Bluez Debian Linux
NVD GitHub
EPSS 2% CVSS 9.1
CRITICAL PATCH Act Now

An issue was discovered in gatt-database.c in BlueZ 5.61. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Memory Corruption Information Disclosure +2
NVD
EPSS 0% CVSS 3.3
LOW POC Monitor

The cli_feat_read_cb() function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Information Disclosure Bluez
NVD GitHub
EPSS 1% CVSS 5.7
MEDIUM This Month

Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. Rated medium severity (CVSS 5.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Bluez Enterprise Linux +1
NVD
EPSS 2% CVSS 8.6
HIGH PATCH This Week

In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service RCE Bluez +2
NVD GitHub VulDB
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Privilege Escalation Bluez +3
NVD
EPSS 34% CVSS 6.5
MEDIUM POC THREAT This Month

All versions of the SDP server in BlueZ 5.46 and earlier are vulnerable to an information disclosure vulnerability which allows remote attackers to obtain sensitive information from the bluetoothd. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 34.3%.

Information Disclosure Bluez
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Bluez
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

In BlueZ 5.42, an out-of-bounds read was identified in "packet_hexdump" function in "monitor/packet.c" source file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Bluez
NVD
EPSS 0% CVSS 7.5
HIGH POC This Week

In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
EPSS 0% CVSS 5.3
MEDIUM POC This Month

In BlueZ 5.42, a buffer overflow was observed in "commands_dump" function in "tools/parser/csr.c" source file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
EPSS 0% CVSS 5.3
MEDIUM POC This Month

In BlueZ 5.42, an out-of-bounds read was observed in "le_meta_ev_dump" function in "tools/parser/hci.c" source file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
EPSS 0% CVSS 5.3
MEDIUM POC This Month

In BlueZ 5.42, a buffer over-read was identified in "l2cap_packet" function in "monitor/packet.c" source file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
EPSS 0% CVSS 5.3
MEDIUM POC This Month

In BlueZ 5.42, a buffer overflow was observed in "set_ext_ctrl" function in "tools/parser/l2cap.c" source file when processing corrupted dump file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
EPSS 0% CVSS 5.3
MEDIUM POC This Month

In BlueZ 5.42, a buffer overflow was observed in "pin_code_reply_dump" function in "tools/parser/hci.c" source file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
EPSS 0% CVSS 5.3
MEDIUM POC This Month

In BlueZ 5.42, a buffer overflow was observed in "pklg_read_hci" function in "btsnoop.c" source file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD
EPSS 0% CVSS 5.3
MEDIUM POC This Month

In BlueZ 5.42, a use-after-free was identified in "conf_opt" function in "tools/parser/l2cap.c" source file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Use After Free +1
NVD
EPSS 0% CVSS 5.3
MEDIUM POC This Month

In BlueZ 5.42, a buffer over-read was observed in "l2cap_dump" function in "tools/parser/l2cap.c" source file. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bluez
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy