Heap-based Buffer Overflow in BlueZ Bluetooth Stack by Linux Vendor
CVE-2019-8922

8.8 HIGH

Key Information:

Vendor: BlueZ

Status
Vendor
CVE Published: 29 November 2021

What is CVE-2019-8922?

A heap-based buffer overflow has been identified in the BlueZ Bluetooth stack, specifically affecting versions up to 5.48. The vulnerability arises from the lack of sufficient validation on the size of the destination buffer when handling requests. The affected function simply appends requested attributes to the output buffer without performing any size checks. As a result, an attacker capable of crafting a request with a large enough response can trigger a heap overflow, potentially leading to unauthorized access or system instability. This issue highlights the importance of robust input validation and memory management in software design.
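
The unchecked append described above, next to a bounds-checked form, as an added example that is not BlueZ code: the `rsp_buf` structure, the function names and the sample bytes are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical response buffer: fixed capacity plus bytes already written. */
struct rsp_buf {
    uint8_t *data;
    size_t   cap;   /* bytes allocated for data */
    size_t   len;   /* bytes used so far */
};

/* Pattern from the description: the attribute is appended with no look at
 * cap, so the copy runs past the allocation once len + n exceeds it.
 * Shown for contrast only; nothing below calls it. */
void append_unchecked(struct rsp_buf *b, const uint8_t *attr, size_t n)
{
    memcpy(b->data + b->len, attr, n);
    b->len += n;
}

/* Hardened form: refuse any append that does not fit in the space left.
 * Comparing n against (cap - len) avoids the wrap-around of (len + n). */
int append_checked(struct rsp_buf *b, const uint8_t *attr, size_t n)
{
    if (b->len > b->cap || n > b->cap - b->len)
        return -1;
    memcpy(b->data + b->len, attr, n);
    b->len += n;
    return 0;
}

/* Append up to count copies of one attribute and stop at the first that
 * does not fit. Returns how many were appended so the caller can truncate
 * the response or answer with an error instead of overflowing. */
size_t build_response(struct rsp_buf *b, const uint8_t *attr,
                      size_t attr_len, size_t count)
{
    size_t done = 0;
    while (done < count && append_checked(b, attr, attr_len) == 0)
        done++;
    return done;
}

int main(void)
{
    uint8_t storage[16];                      /* constructed sample sizes */
    uint8_t attr[6] = {1, 2, 3, 4, 5, 6};     /* constructed sample bytes */
    struct rsp_buf b = { storage, sizeof storage, 0 };
    printf("appended %zu of 5\n", build_response(&b, attr, sizeof attr, 5));
    return 0;
}
```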

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Adjacent Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
