CVE-2020-27153
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-27153
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-27153.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-27153
- Downstream
- Related
- Published
- 2020-10-15T03:15:12Z
- Modified
- 2025-10-21T05:49:09.675076Z
- Severity
-
- 8.6 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event.
- References
-
- http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00034.html
- http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00036.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1884817
- https://github.com/bluez/bluez/commit/1cd644db8c23a2f530ddb93cebed7dacc5f5721a
- https://github.com/bluez/bluez/commit/5a180f2ec9edfacafd95e5fed20d36fe8e077f07
- https://lists.debian.org/debian-lts-announce/2020/10/msg00022.html
- https://security.gentoo.org/glsa/202011-01
- https://www.debian.org/security/2021/dsa-4951
Affected packages
Git / github.com/bluez/bluez
Affected ranges
- Type
- GIT
- Repo
- https://github.com/bluez/bluez
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Affected versions
4.*
4.0
4.1
4.10
4.100
4.101
4.11
4.12
4.13
4.14
4.15
4.16
4.17
4.18
4.19
4.2
4.20
4.21
4.22
4.23
4.24
4.25
4.26
4.27
4.28
4.29
4.3
4.30
4.31
4.32
4.33
4.34
4.35
4.36
4.37
4.38
4.39
4.4
4.40
4.41
4.42
4.43
4.44
4.45
4.46
4.47
4.48
4.49
4.5
4.50
4.51
4.52
4.53
4.54
4.55
4.56
4.57
4.58
4.59
4.6
4.60
4.61
4.62
4.63
4.64
4.65
4.66
4.67
4.68
4.69
4.7
4.70
4.71
4.72
4.73
4.74
4.75
4.76
4.77
4.78
4.79
4.8
4.80
4.81
4.82
4.83
4.84
4.85
4.86
4.87
4.88
4.89
4.9
4.90
4.91
4.92
4.93
4.94
4.95
4.96
4.97
4.98
4.99
5.*
5.0
5.1
5.10
5.11
5.12
5.13
5.14
5.15
5.16
5.17
5.18
5.19
5.2
5.20
5.21
5.22
5.23
5.24
5.25
5.26
5.27
5.28
5.29
5.3
5.30
5.31
5.32
5.33
5.34
5.35
5.36
5.37
5.38
5.39
5.4
5.40
5.41
5.42
5.43
5.44
5.45
5.46
5.47
5.48
5.49
5.5
5.50
5.51
5.52
5.53
5.54
5.6
5.7
5.8
5.9
libs-2.*
libs-2.0
libs-2.0-pre10
libs-2.0-pre7
libs-2.0-pre8
libs-2.0-pre9
libs-2.1
libs-2.10
libs-2.11
libs-2.12
libs-2.13
libs-2.14
libs-2.15
libs-2.16
libs-2.17
libs-2.18
libs-2.19
libs-2.2
libs-2.20
libs-2.21
libs-2.22
libs-2.23
libs-2.24
libs-2.25
libs-2.3
libs-2.4
libs-2.5
libs-2.6
libs-2.7
libs-2.8
libs-2.9
libs-3.*
libs-3.0
libs-3.1
libs-3.10
libs-3.11
libs-3.12
libs-3.13
libs-3.14
libs-3.15
libs-3.16
libs-3.17
libs-3.18
libs-3.19
libs-3.2
libs-3.20
libs-3.21
libs-3.22
libs-3.23
libs-3.24
libs-3.25
libs-3.26
libs-3.27
libs-3.28
libs-3.29
libs-3.3
libs-3.30
libs-3.31
libs-3.32
libs-3.33
libs-3.34
libs-3.35
libs-3.36
libs-3.4
libs-3.5
libs-3.6
libs-3.7
libs-3.8
libs-3.9
utils-2.*
utils-2.0
utils-2.0-pre10
utils-2.0-pre11
utils-2.0-pre12
utils-2.0-pre7
utils-2.0-pre8
utils-2.0-pre9
utils-2.1
utils-2.10
utils-2.11
utils-2.12
utils-2.13
utils-2.14
utils-2.15
utils-2.16
utils-2.17
utils-2.18
utils-2.19
utils-2.2
utils-2.20
utils-2.21
utils-2.22
utils-2.23
utils-2.24
utils-2.25
utils-2.3
utils-2.4
utils-2.5
utils-2.6
utils-2.7
utils-2.8
utils-2.9
utils-3.*
utils-3.0
utils-3.1
utils-3.10
utils-3.10.1
utils-3.11
utils-3.12
utils-3.13
utils-3.14
utils-3.15
utils-3.16
utils-3.17
utils-3.18
utils-3.19
utils-3.2
utils-3.20
utils-3.21
utils-3.22
utils-3.23
utils-3.24
utils-3.25
utils-3.26
utils-3.27
utils-3.28
utils-3.29
utils-3.3
utils-3.30
utils-3.31
utils-3.32
utils-3.33
utils-3.34
utils-3.35
utils-3.36
utils-3.4
utils-3.5
utils-3.6
utils-3.6.1
utils-3.7
utils-3.8
utils-3.9
Database specific
vanir_signatures
[
{
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"193031578723794859252025779680268025050",
"328489074626764670051532720376588187963",
"234780927341935949843624079351461986700",
"315667152069755274390545420421362562734",
"135989866379935825391429829556551430383",
"159111306259249961601994318252371408006",
"133457257734803768519132419718574797765",
"158108262920956119807404915421559473776",
"254205889322255188941922808524596469852",
"328180784454490762655644906709495665121",
"3509613340198738847501478267685258168",
"216061193566643570294522832304722192320",
"100307739094877673628949319102881601483",
"165653913577279199058309468338404586834",
"236085318238112343811746810732155052492",
"20473985302098799622098429475406693735",
"127270796435307027120357940523067201530",
"74521990784890663215507818586454338326",
"207218834111476324065311991714828591242",
"276679355697489795698190647522775802440",
"97412044546354208512225428254390029890",
"10550507841831675259749901203115382645",
"158710138297906037179770610129074560535",
"154523380595998693114353828452535992602"
]
},
"target": {
"file": "src/shared/att.c"
},
"source": "https://github.com/bluez/bluez/commit/1cd644db8c23a2f530ddb93cebed7dacc5f5721a",
"id": "CVE-2020-27153-5c9af719",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "251085821085271362817089067465857009678",
"length": 665.0
},
"target": {
"file": "src/shared/att.c",
"function": "bt_att_cancel"
},
"source": "https://github.com/bluez/bluez/commit/1cd644db8c23a2f530ddb93cebed7dacc5f5721a",
"id": "CVE-2020-27153-5dcc1a0f",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "331238215432473323968595143202019330246",
"length": 1133.0
},
"target": {
"file": "src/shared/att.c",
"function": "disconnect_cb"
},
"source": "https://github.com/bluez/bluez/commit/1cd644db8c23a2f530ddb93cebed7dacc5f5721a",
"id": "CVE-2020-27153-5debd5f7",
"deprecated": false,
"signature_version": "v1"
},
{
"signature_type": "Function",
"digest": {
"function_hash": "217313407953137803246294354082360522010",
"length": 190.0
},
"target": {
"file": "src/shared/att.c",
"function": "cancel_att_send_op"
},
"source": "https://github.com/bluez/bluez/commit/1cd644db8c23a2f530ddb93cebed7dacc5f5721a",
"id": "CVE-2020-27153-62583467",
"deprecated": false,
"signature_version": "v1"
}
]