Back to bug 2027459
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Guilherme de Almeida Suckevicz | 2021-11-29 17:46:41 UTC | Blocks | 2027460 | |
| Peter Robinson | 2021-11-29 22:23:48 UTC | Flags | needinfo?(gsuckevi) | |
| Guilherme de Almeida Suckevicz | 2021-11-30 17:01:31 UTC | Flags | needinfo?(gsuckevi) | |
| Eric Christensen | 2021-12-14 17:14:36 UTC | Doc Text | A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. This can result in a heap overflow if one can craft a request where the response is large | |
| | | Doc Text | enough to overflow the preallocated buffer. The highest threat from this vulnerability is process availability confidentiality and integrity. | |
| | | Fixed In Version | bluez 5.49 | |
| | | Depends On | 2031791 | |
| | | Flags | needinfo?(gsuckevi) | |
| | | Doc Text | A heap-based buffer overflow was discovered in bluetoothd in BlueZ through 5.48. There isn't any check on whether there is enough space in the destination buffer. This can result in a heap overflow if one can craft a request where the response is large enough to overflow the preallocated buffer. The highest threat from this vulnerability is process availability confidentiality and integrity. | A heap-based buffer overflow was discovered in bluetoothd in bluez through version 5.48. A missing check on whether there is enough space in the destination buffer can allow an attacker to exploit the vulnerability by crafting a request where the response is large enough to overflow the preallocated buffer. |
| Guilherme de Almeida Suckevicz | 2021-12-15 13:36:19 UTC | Flags | needinfo?(gsuckevi) | |
| Peter Robinson | 2022-03-21 21:33:16 UTC | CC | pbrobinson | |
| Red Hat Bugzilla | 2022-12-26 18:52:22 UTC | CC | gtiwari | |
| Red Hat Bugzilla | 2023-07-07 08:34:09 UTC | Assignee | security-response-team | nobody |