Privilege Escalation Vulnerability in Affix Bluetooth Protocol Stack for Linux
CVE-2005-1294

Currently unrated

Key Information:

Vendor: Nokia
Status: Affix
Vendor: CVE Published:; 24 April 2005

What is CVE-2005-1294?

The affix_sock_register function in the Affix Bluetooth Protocol Stack for Linux has a potential flaw that may allow local attackers to exploit an integer underflow through a socket call with a negative protocol value. This vulnerability misuses the negative value as an index for an array, potentially leading to unauthorized access and privilege escalation. Ensuring proper validation of input values is crucial to mitigate such risks.

References

http://marc.info/?l=bugtraq&m=111445064725591&w=2

mailing-listx_refsource_BUGTRAQ

http://www.digitalmunition.com/DMA%5B2005-0423a%5D.txt

x_refsource_MISC

http://affix.sourceforge.net/patch_hci_3_2_0

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Apr 26, 2005
Vulnerability published
Apr 24, 2005

Nokia

What is CVE-2005-1294?

References

Timeline