Buffer Overflow in BlueZ Affects Linux-Based Environments
CVE-2016-7837

7.8HIGH

Key Information:

Vendor
Bluez Project
Status
Bluez
Vendor
CVE Published:
9 June 2017

Summary

A buffer overflow vulnerability in BlueZ versions 5.41 and earlier allows attackers to execute arbitrary code. This issue arises from improper input handling in the parse_line function utilized by various userland utilities. Successful exploitation can allow an attacker to gain control over the affected system, posing significant risks to data integrity and system availability.

Affected Version(s)

BlueZ 5.41 and earlier

References

https://jvn.jp/en/jp/JVN38755305/index.html
third-party-advisoryx_refsource_JVN
https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/95067
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2016-7837 : Buffer Overflow in BlueZ Affects Linux-Based Environments | SecurityVulnerability.io