Heap Overflow Vulnerability in Bluez Affects Local Network Access
CVE-2022-0204

8.8HIGH

Key Information:

Vendor
Bluez
Status
Bluez
Vendor
CVE Published:
10 March 2022

Summary

A heap overflow vulnerability has been identified in Bluez versions prior to 5.63. This flaw allows an attacker with local network access to send specially crafted files that could cause applications to crash or halt, resulting in a denial of service. It is crucial for users to update their Bluez installations to the latest version to mitigate this risk.

Affected Version(s)

bluez bluez versions prior to 5.63

References

https://bugzilla.redhat.com/show_bug.cgi?id=2039807
https://github.com/bluez/bluez/security/advisories/GHSA-4...
https://github.com/bluez/bluez/commit/591c546c536b42bef69...

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2022-0204 : Heap Overflow Vulnerability in Bluez Affects Local Network Access | SecurityVulnerability.io