Remote Code Execution Flaw in BlueZ Bluetooth Stack
CVE-2020-27153
8.6 HIGH
Summary
In versions of the BlueZ Bluetooth stack prior to 5.55, a double free vulnerability exists within the gatttool disconnect callback routine. This flaw can be exploited by a remote attacker during the service discovery process through a redundant disconnect MGMT event, potentially leading to a denial of service or even arbitrary code execution. Users are advised to upgrade to the latest version to mitigate this risk.
References
CVSS V3.1
Score: 8.6
Severity: HIGH
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved