In BlueZ 5.42, a buffer overflow was observed in "read_n" function in "tools/hcidump.c" source file. This issue can be triggered by processing a corrupted dump file and will result in hcidump crash.
References
Link | Resource |
---|---|
https://www.spinics.net/lists/linux-bluetooth/msg68892.html | Exploit Third Party Advisory |
http://www.securityfocus.com/bid/95013 | Third Party Advisory VDB Entry |
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00069.html | Mailing List Third Party Advisory |
Configurations
Information
Published : 2016-12-08 00:59
Updated : 2019-12-19 09:46
NVD link : CVE-2016-9917
Mitre link : CVE-2016-9917
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
bluez
- bluez