![]() User interaction is not needed for exploitation. This could lead to local escalation of privilege with no additional execution privileges needed. In CreateAudioBroadcast of, there is a possible out of bounds write due to a missing bounds check. ![]() ![]() This could lead to local information disclosure with User execution privileges needed. In parse_gap_data of, there is a possible out of bounds read due to a missing bounds check. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. The POPS! Rebel application 5.0 for Android, in POPS! Rebel Bluetooth Glucose Monitoring System, sends unencrypted glucose measurements over BLE.īluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. Potential buffer overflows in the Bluetooth subsystem due to asserts being disabled in /subsys/bluetooth/host/hci_core.cīt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition. Successful exploitation of this vulnerability may allow attackers to access restricted functions. The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass vulnerability. An attacker with physical access to the accessory may be able to extract its Bluetooth pairing key and monitor Bluetooth traffic. ![]() This issue is fixed in Magic Keyboard Firmware Update 2.0.6. Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release 1 allows remote attackers to establish pairing process without user interaction.Ī session management issue was addressed with improved checks. Microsoft Bluetooth Driver Spoofing Vulnerability ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |