Julian Rauchberger discovered that BlueZ incorrectly handled memory when processing SDP attribute requests. A remote attacker could use this issue to cause BlueZ to crash, leading to a denial of service, or possibly execute arbitrary code.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "5.48-0ubuntu3.7", "binary_name": "bluetooth" }, { "binary_version": "5.48-0ubuntu3.7", "binary_name": "bluez" }, { "binary_version": "5.48-0ubuntu3.7", "binary_name": "bluez-cups" }, { "binary_version": "5.48-0ubuntu3.7", "binary_name": "bluez-dbg" }, { "binary_version": "5.48-0ubuntu3.7", "binary_name": "bluez-hcidump" }, { "binary_version": "5.48-0ubuntu3.7", "binary_name": "bluez-obexd" }, { "binary_version": "5.48-0ubuntu3.7", "binary_name": "bluez-tests" }, { "binary_version": "5.48-0ubuntu3.7", "binary_name": "libbluetooth-dev" }, { "binary_version": "5.48-0ubuntu3.7", "binary_name": "libbluetooth3" }, { "binary_version": "5.48-0ubuntu3.7", "binary_name": "libbluetooth3-dbg" } ] }