Heap Data Leak Vulnerability in BlueZ Bluetooth Stack by the Linux Foundation
CVE-2019-8921
6.5 MEDIUM
What is CVE-2019-8921?
The BlueZ Bluetooth stack mishandles SVC_ATTR_REQ in its SDP implementation, which may lead to a heap data leak. A crafted CSTATE (continuation state) allows a malicious actor to exploit the trust the server places in consecutive requests. Because of the flaw in the function service_attr_req in sdpd-request.c, the server can return more bytes than the allocated buffer holds, leaking arbitrary heap data. The issue shows why data that shapes a service response must be rigorously validated to maintain system integrity.
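The class of check this description calls for can be modeled in a few lines of C. This is an added example, not BlueZ's code: the structures `cached_rsp` and `cont_state` and both functions are hypothetical simplifications, assuming the continuation state carries a byte offset into a response the server cached for an earlier request.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified model (not BlueZ's own structures). */
struct cached_rsp { const uint8_t *data; size_t len; }; /* built by the server */
struct cont_state { uint32_t bytes_sent; };             /* echoed back by the client */

/* Unchecked pattern: the remaining length is derived from a client-supplied
 * value. When bytes_sent > len the unsigned subtraction wraps, so a fragment
 * is still "available" even though the offset lies outside the buffer.
 * Returns the length a copy would use; it performs no read itself. */
size_t fragment_len_unchecked(const struct cached_rsp *rsp,
                              const struct cont_state *cs, size_t max_out)
{
    size_t remaining = rsp->len - cs->bytes_sent; /* wraps if bytes_sent > len */
    return remaining < max_out ? remaining : max_out;
}

/* Checked pattern: refuse any continuation state that does not point inside
 * the cached response. Returns the number of bytes copied, or -1. */
long copy_fragment_checked(const struct cached_rsp *rsp,
                           const struct cont_state *cs,
                           uint8_t *out, size_t max_out)
{
    if (rsp == NULL || cs == NULL || out == NULL)
        return -1;
    if (cs->bytes_sent >= rsp->len) /* offset outside the cached data */
        return -1;
    size_t remaining = rsp->len - cs->bytes_sent;
    size_t n = remaining < max_out ? remaining : max_out;
    memcpy(out, rsp->data + cs->bytes_sent, n);
    return (long)n;
}

int main(void)
{
    const uint8_t data[8] = {1, 2, 3, 4, 5, 6, 7, 8}; /* constructed sample */
    struct cached_rsp rsp = { data, sizeof data };
    uint8_t out[4];
    struct cont_state bad = { 64 }; /* offset past the 8-byte response */
    printf("unchecked length: %zu\n", fragment_len_unchecked(&rsp, &bad, sizeof out));
    printf("checked result:   %ld\n", copy_fragment_checked(&rsp, &bad, out, sizeof out));
    return 0;
}
```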